Vulnerabilities > Chatwoot
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2021-3741 | Cross-site Scripting vulnerability in Chatwoot A stored cross-site scripting (XSS) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. | 5.4 |
| 2024-11-15 | CVE-2021-3742 | Server-Side Request Forgery (SSRF) vulnerability in Chatwoot A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. | 8.8 |
| 2023-04-17 | CVE-2023-2109 | Cross-site Scripting vulnerability in Chatwoot Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.14.0. | 6.1 |
| 2022-10-28 | CVE-2022-3741 | Improper Restriction of Excessive Authentication Attempts vulnerability in Chatwoot Impact varies for each individual vulnerability in the application. | 9.8 |
| 2022-09-06 | CVE-2022-2901 | Improper Authorization vulnerability in Chatwoot Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8. | 7.1 |
| 2022-08-19 | CVE-2022-0542 | Cross-site Scripting vulnerability in Chatwoot Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. | 6.1 |
| 2022-08-19 | CVE-2022-1021 | Cross-site Scripting vulnerability in Chatwoot Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0. | 5.4 |
| 2022-04-21 | CVE-2022-1022 | Cross-site Scripting vulnerability in Chatwoot Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0. | 5.4 |
| 2022-02-09 | CVE-2021-3813 | Authorization Bypass Through User-Controlled Key vulnerability in Chatwoot Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. | 6.5 |
| 2022-02-09 | CVE-2022-0526 | Cross-site Scripting vulnerability in Chatwoot Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0. | 6.1 |