Vulnerabilities > Beekeeperstudio > Beekeeper Studio > 3.6.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-28394 | OS Command Injection vulnerability in Beekeeperstudio Beekeeper-Studio Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. | 8.8 |
| 2022-11-21 | CVE-2022-43143 | Cross-site Scripting vulnerability in Beekeeperstudio Beekeeper-Studio 3.6.6 A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container. | 9.6 |
| 2022-03-21 | CVE-2022-26174 | Improper Encoding or Escaping of Output vulnerability in Beekeeperstudio Beekeeper-Studio A remote code execution (RCE) vulnerability in Beekeeper Studio v3.2.0 allows attackers to execute arbitrary code via a crafted payload injected into the display fields. | 9.8 |