Testlink@* Security Vulnerabilities and Issues — Testlink@* CVE List

Lucene search

TestlinkTestlink*

3 matches found

CVE•added 2020/01/20 6:15 a.m.•88 views

CVE-2019-20381

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.

6.1CVSS6.1AI score0.00419EPSS

CVE•added 2017/09/26 3:29 p.m.•44 views

CVE-2015-7391

Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) containerType parameter to lib/tes...

6.1CVSS6AI score0.00215EPSS

Web

CVE•added 2024/08/26 8:15 p.m.•43 views

CVE-2024-42906

TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name.

6.1CVSS5.2AI score0.00092EPSS