Vulnerabilities > Cern

DATE CVE VULNERABILITY TITLE RISK
2024-09-04 CVE-2024-45399 Cross-site Scripting vulnerability in Cern Indico
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask.
network
low complexity
cern CWE-79
6.1
2023-07-21 CVE-2023-37901 Unspecified vulnerability in Cern Indico
Indico is an open source a general-purpose, web based event management tool.
network
low complexity
cern
5.4
2021-04-07 CVE-2021-30185 Unspecified vulnerability in Cern Indico
CERN Indico before 2.3.4 can use an attacker-supplied Host header in a password reset link.
network
low complexity
cern
7.5
2017-11-17 CVE-2017-1000203 OS Command Injection vulnerability in Cern Root
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
network
low complexity
cern CWE-78
8.8