Vulnerabilities > Accela > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-34369 | Unspecified vulnerability in Accela Civic Platform 19.2/20.1 portlets/contact/ref/refContactDetail.do in Accela Civic Platform through 20.1 allows remote attackers to obtain sensitive information via a modified contactSeqNumber value. | 6.5 |
| 2021-06-09 | CVE-2021-34370 | Cross-site Scripting vulnerability in Accela Civic Platform 19.2/20.1 Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. | 6.1 |
| 2021-06-07 | CVE-2021-33904 | Cross-site Scripting vulnerability in Accela Civic Platform In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. | 6.1 |
| 2016-07-15 | CVE-2016-5660 | Cross-site Scripting vulnerability in Accela Civic Platform Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter. | 6.1 |