Filtered by vendor I-doit
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3151 | 1 I-doit | 1 I-doit | 2021-06-03 | 3.5 LOW | 5.4 MEDIUM |
| i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS. | |||||
| CVE-2020-13825 | 1 I-doit | 1 I-doit | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows remote attackers to inject arbitrary web script or HTML via the viewMode, tvMode, tvType, objID, catgID, objTypeID, or editMode parameter. | |||||
| CVE-2019-6965 | 1 I-doit | 1 I-doit | 2019-06-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter. | |||||