Vulnerabilities > Cryptocat Project > Cryptocat > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2013-4106 Cross-site Scripting vulnerability in Cryptocat Project Cryptocat
A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
4.3
2019-11-14 CVE-2013-4109 Cross-site Scripting vulnerability in Cryptocat Project Cryptocat 1.1.165
An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
4.3
2019-11-05 CVE-2013-4110 Information Exposure vulnerability in Cryptocat Project Cryptocat
Cryptocat has an Unspecified Chat Participant User List Disclosure
network
low complexity
cryptocat-project CWE-200
5.0
2019-11-05 CVE-2013-4107 Cross-site Scripting vulnerability in Cryptocat Project Cryptocat
Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
4.3
2019-11-04 CVE-2013-4105 Information Exposure vulnerability in Cryptocat Project Cryptocat
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
network
low complexity
cryptocat-project CWE-200
5.0
2019-11-04 CVE-2013-2260 Insufficient Entropy vulnerability in Cryptocat Project Cryptocat
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
network
low complexity
cryptocat-project CWE-331
5.0
2019-11-04 CVE-2013-2258 Nickname User Impersonation vulnerability in Cryptocat
Cryptocat before 2.0.22 has Nickname User Impersonation
network
low complexity
cryptocat-project
5.0
2019-11-04 CVE-2013-2257 Improper Restriction of Excessive Authentication Attempts vulnerability in Cryptocat Project Cryptocat
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
network
low complexity
cryptocat-project CWE-307
5.0
2019-11-04 CVE-2013-4104 Inadequate Encryption Strength vulnerability in Cryptocat Project Cryptocat
Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol
network
low complexity
cryptocat-project CWE-326
5.0
2019-11-04 CVE-2013-2262 Information Exposure vulnerability in Cryptocat Project Cryptocat
Cryptocat strophe.js before 2.0.22 has information disclosure
network
low complexity
cryptocat-project CWE-200
5.0