Vulnerabilities > Bevywise > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-35611 | Cross-Site Request Forgery (CSRF) vulnerability in Bevywise Mqttroute 3.3 A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remove dashboards. | 4.3 |
| 2022-10-13 | CVE-2022-35612 | Cross-site Scripting vulnerability in Bevywise Mqttroute 1.1/2.0 A cross-site scripting (XSS) vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the dashboard name text field. | 5.4 |