Vulnerabilities > Andrew Simpson > Webcollab > 2.01
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-11-02 | CVE-2013-2652 | Cross-Site Scripting vulnerability in Andrew Simpson Webcollab CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter. | 4.3 |
2009-04-28 | CVE-2009-1454 | Cross-Site Scripting vulnerability in Andrew Simpson Webcollab Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action. | 4.3 |