Open-audit Security Vulnerabilities and Issues — Open-audit CVE List

Lucene search

OpmantekOpen-audit

4 matches found

CVE•added 2018/07/25 11:29 p.m.•54 views

CVE-2018-14493

Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.

6.1CVSS5.9AI score0.01597EPSS

CVE•added 2021/02/05 2:15 p.m.•46 views

CVE-2021-3333

Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link.

6.1CVSS6.1AI score0.00317EPSS

CVE•added 2021/12/20 12:15 p.m.•41 views

CVE-2021-44916

Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.

6.1CVSS5.9AI score0.04458EPSS

CVE•added 2022/01/03 1:15 p.m.•35 views

CVE-2021-44674

An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.

6.5CVSS6.1AI score0.00421EPSS