Security Vulnerabilities - CVEs Published In January 2022
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
5.3
EPSS Score
0.0
Published
2022-01-17
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
6.1
EPSS Score
0.0
Published
2022-01-17
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVSS Score
8.3
EPSS Score
0.0
Published
2022-01-17
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
7.1
EPSS Score
0.003
Published
2022-01-17
icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Score
5.4
EPSS Score
0.003
Published
2022-01-17
mruby is vulnerable to NULL Pointer Dereference
CVSS Score
6.2
EPSS Score
0.003
Published
2022-01-17
The WP Booking System WordPress plugin before 2.0.15 was affected by a reflected xss in wp-booking-system on the wpbs-calendars admin page.
CVSS Score
5.4
EPSS Score
0.013
Published
2022-01-17
The Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was affected by a reflected XSS in custom-facebook-feed in cff-top admin page.
CVSS Score
5.4
EPSS Score
0.029
Published
2022-01-17
The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page.
CVSS Score
5.4
EPSS Score
0.049
Published
2022-01-17
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score
7.6
EPSS Score
0.001
Published
2022-01-17