Cross - site scripting (XSS) vulnerability in UrBackup Server before 2.1.20 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
6.1CVSS
6AI Score
0.001EPSS
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
5.3CVSS
5.3AI Score
0.0005EPSS