Vulnerabilities > External Control of Critical State Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-15382 | External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. | 7.5 |
| 2018-06-04 | CVE-2017-0928 | External Control of Critical State Data vulnerability in Theguardian Html-Janitor 2.0.2 html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed. | 4.3 |