Lavalite: >> Lavalite >> 5.2.4 Security Vulnerabilities
LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-10-10
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-01-03