CVE-2021-4269
- EPSS 0.27%
- Veröffentlicht 21.12.2022 19:15:13
- Zuletzt bearbeitet 21.11.2024 06:37:16
A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The a...
CVE-2017-10711
- EPSS 0.24%
- Veröffentlicht 24.07.2017 13:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send Password Reset Email form) can insert XSS sequences via the user parameter.
CVE-2013-5748
- EPSS 0.25%
- Veröffentlicht 12.05.2014 14:55:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an add_project action.
CVE-2013-5749
- EPSS 0.23%
- Veröffentlicht 12.05.2014 14:55:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the new_project parameter.