Openteknik: >> Open Source Social Network >> 6.3 Security Vulnerabilities
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.
CVSS Score
5.4
EPSS Score
0.014
Published
2022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Note: The project owner believes this is intended behavior of the application as it only allows authenticated admins to upload files.
CVSS Score
7.2
EPSS Score
0.006
Published
2022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.
CVSS Score
5.4
EPSS Score
0.012
Published
2022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-07-25