Vulnerabilities > Alibaba > Nacos > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-11 CVE-2021-44667 Cross-site Scripting vulnerability in Alibaba Nacos 2.0.3
A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.
network
low complexity
alibaba CWE-79
6.1
2020-09-30 CVE-2020-19676 Unspecified vulnerability in Alibaba Nacos 1.1.4
Nacos 1.1.4 is affected by: Incorrect Access Control.
network
low complexity
alibaba
5.3