Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-14472 | 1 Zurmo | 1 Zurmo | 2019-08-05 | 4.3 MEDIUM | 6.1 MEDIUM |
Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default PATH_INFO. | |||||
CVE-2018-19506 | 1 Zurmo | 1 Zurmo | 2019-02-26 | 3.5 LOW | 4.8 MEDIUM |
Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the reports section, aka the app/index.php/reports/default/details?id=1 URI. | |||||
CVE-2018-19596 | 1 Zurmo | 1 Zurmo | 2019-02-26 | 3.5 LOW | 4.8 MEDIUM |
Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the report section, a related issue to CVE-2018-19506. |