Vulnerabilities > Camunda
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-10 | CVE-2024-51577 | Cross-site Scripting vulnerability in Camunda Bpmn.Io 1.0 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS.This issue affects bpmn.Io: from n/a through 1.0. | 5.4 |
| 2022-01-21 | CVE-2021-23460 | Unspecified vulnerability in Camunda Min-Dash The package min-dash before 3.8.1 are vulnerable to Prototype Pollution via the set method due to missing enforcement of key types. | 7.5 |
| 2021-03-11 | CVE-2021-28154 | Missing Authorization vulnerability in Camunda Modeler Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. | 9.1 |