Tine 2.0 Security Vulnerabilities and Issues — Tine 2.0 CVE List

Lucene search

Tine20Tine 2.0

4 matches found

CVE•added 2017/09/30 1:29 a.m.•36 views

CVE-2017-14921

Stored XSS vulnerability via IMG element at "Filename" of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.

5.4CVSS5.1AI score0.00325EPSS

CVE•added 2017/09/30 1:29 a.m.•36 views

CVE-2017-14922

Stored XSS vulnerability via IMG element at "History" of Profile, Calendar, Tasks, and CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.

5.4CVSS5.1AI score0.00325EPSS

CVE•added 2017/11/17 5:29 a.m.•35 views

CVE-2017-1000164

Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook resulting code execution and privilege escalation

5.4CVSS5.8AI score0.00344EPSS

CVE•added 2017/09/30 1:29 a.m.•31 views

CVE-2017-14923

Stored XSS vulnerability via IMG element at "Leadname" of CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.

5.4CVSS5.1AI score0.00325EPSS