Testrail Security Vulnerabilities and Issues — Testrail CVE List

Lucene search

GurockTestrail

4 matches found

CVE•added 2021/12/20 9:15 a.m.•51 views

CVE-2021-44263

Gurock TestRail before 7.2.4 mishandles HTML escaping.

5.4CVSS5.5AI score0.00589EPSS

CVE•added 2021/08/09 1:15 p.m.•36 views

CVE-2021-37788

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. ...

5.4CVSS5.5AI score0.00241EPSS

CVE•added 2023/02/03 6:15 p.m.•30 views

CVE-2021-36538

Cross Site Scripting (XSS) vulnerability in Gurock TestRail before 7.1.2 allows remote authenticated attackers to run arbitrary code via the reference field in milestones or description fields in reports.

5.4CVSS5.2AI score0.00042EPSS

CVE•added 2019/02/07 4:29 p.m.•28 views

CVE-2019-7535

index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology.

5.3CVSS5.2AI score0.00232EPSS