Collabtive@3.1 Security Vulnerabilities and Issues — Collabtive@3.1 CVE List

Lucene search

O-dynCollabtive3.1

6 matches found

CVE•added 2021/01/29 6:15 a.m.•91 views

CVE-2021-3298

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter.

5.4CVSS5.1AI score0.00163EPSS

CVE•added 2024/10/22 5:15 p.m.•41 views

CVE-2024-48706

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.

5.4CVSS6.2AI score0.00072EPSS

CVE•added 2024/10/22 5:15 p.m.•38 views

CVE-2024-48708

Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.

5.4CVSS6AI score0.00072EPSS

CVE•added 2024/10/22 5:15 p.m.•36 views

CVE-2024-48707

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.

5.4CVSS6.2AI score0.00072EPSS

CVE•added 2019/02/19 3:29 p.m.•35 views

CVE-2019-8935

Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter.

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2024/10/22 4:15 p.m.•35 views

CVE-2024-46240

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.

4.8CVSS6.2AI score0.00074EPSS