Lucene search
ObjectplanetOpinio
3 matches found
CVE-2020-26564
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have
6.5CVSS6.7AI score0.00191EPSS
CVE-2020-26563
ObjectPlanet Opinio before 7.14 allows reflected XSS via the survey/admin/surveyAdmin.do?action=viewSurveyAdmin query string. (There is also stored XSS if input to survey/admin/*.do is accepted from untrusted users.)
6.1CVSS5.9AI score0.00463EPSS
CVE-2017-10798
In ObjectPlanet Opinio before 7.6.4, there is XSS.
6.1CVSS6.3AI score0.00266EPSS