Groundhogg: >> Groundhogg >> 2.7.10.2 Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg allows Cross Site Request Forgery.This issue affects Groundhogg: from n/a through 3.4.2.3.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-01-02
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Groundhogg Inc. Groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through 3.4.2.3.
CVSS Score
7.1
EPSS Score
0.003
Published
2024-07-22
Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Groundhogg Inc. Groundhogg allows SQL Injection.This issue affects Groundhogg: from n/a through 2.7.11.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-11-03
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11.10 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-10-31