Vulnerabilities > Chatwoot
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-15 | CVE-2021-3741 | Cross-site Scripting vulnerability in Chatwoot A stored cross-site scripting (XSS) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. | 5.4 |
2024-11-15 | CVE-2021-3742 | Unspecified vulnerability in Chatwoot A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. | 8.8 |
2023-04-17 | CVE-2023-2109 | Unspecified vulnerability in Chatwoot Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.14.0. | 6.1 |
2022-10-28 | CVE-2022-3741 | Improper Restriction of Excessive Authentication Attempts vulnerability in Chatwoot Impact varies for each individual vulnerability in the application. | 9.8 |
2022-09-06 | CVE-2022-2901 | Unspecified vulnerability in Chatwoot Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8. | 7.1 |
2022-08-19 | CVE-2022-0542 | Unspecified vulnerability in Chatwoot Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0. | 6.1 |
2022-08-19 | CVE-2022-1021 | Cross-site Scripting vulnerability in Chatwoot Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0. | 5.4 |
2022-04-21 | CVE-2022-1022 | Cross-site Scripting vulnerability in Chatwoot Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0. | 5.4 |
2022-02-09 | CVE-2021-3813 | Authorization Bypass Through User-Controlled Key vulnerability in Chatwoot Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. | 6.5 |
2022-02-09 | CVE-2022-0526 | Unspecified vulnerability in Chatwoot Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0. | 6.1 |