Onenav Project - Onenav CVE

Filtered by vendor Onenav Project Subscribe

Filtered by product Onenav

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-38138	1 Onenav Project	1 Onenav	2021-08-11	3.5 LOW	5.4 MEDIUM
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release.

Vulnerabilities (CVE)