Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-45227 | 1 Coins-global | 1 Coins Construction Cloud | 2022-04-21 | 3.5 LOW | 5.4 MEDIUM |
An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAME elements, the file upload functionality is vulnerable to a persistent Cross-Site Scripting (XSS) attack. | |||||
CVE-2021-45228 | 1 Coins-global | 1 Coins Construction Cloud | 2022-04-21 | 3.5 LOW | 5.4 MEDIUM |
An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user. |