Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to...
5.8CVSS
6.1AI Score
0.001EPSS
Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to...
5.8CVSS
6.1AI Score
0.001EPSS
7.2CVSS
8.9AI Score
0.001EPSS
Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to...
7.2CVSS
7AI Score
0.001EPSS
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to...
5.3CVSS
5.3AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting (XSS) and cross site request forgery (CSRF) vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected....
8.8CVSS
8.2AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in daloradius-users/login.php in daloRADIUS 0.9-8 and earlier allows remote attackers to inject arbitrary web script or HTML via the error...
5.9AI Score
0.002EPSS