Vulnerabilities (CVE)

Filtered by vendor Graylog Subscribe

Filtered by product Graylog

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-14380	1 Graylog	1 Graylog	2018-09-14	4.3 MEDIUM	6.1 MEDIUM
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts.
CVE-2018-11651	1 Graylog	1 Graylog	2018-06-27	4.3 MEDIUM	6.1 MEDIUM
Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx.
CVE-2018-11650	1 Graylog	1 Graylog	2018-06-27	4.3 MEDIUM	6.1 MEDIUM
Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js.