Lucene search
O-dynCollabtive
3 matches found
CVE-2014-3247
Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.
4.3CVSS5.3AI score0.00799EPSS
CVE-2010-5284
Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to manageuser.php, (2) y parameter in a newcal action to manageajax.php, and the (3) pic parameter to thu...
4.3CVSS5.8AI score0.04605EPSS
CVE-2024-46240
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.
4.8CVSS6.2AI score0.00074EPSS