Vulnerabilities > Darwin

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-16	CVE-2021-25982	Cross-site Scripting vulnerability in Darwin Factor In Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “search” parameter in the URL. network low complexity darwin CWE-79	6.1
2021-11-16	CVE-2021-25983	Cross-site Scripting vulnerability in Darwin Factor In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.8 to v1.8.30, are vulnerable to reflected Cross-Site Scripting (XSS) at the “tags” and “category” parameters in the URL. network low complexity darwin CWE-79	6.1
2021-11-16	CVE-2021-25984	Cross-site Scripting vulnerability in Darwin Factor In Factor (App Framework & Headless CMS) forum plugin, versions v1.3.3 to v1.8.30, are vulnerable to stored Cross-Site Scripting (XSS) at the “post reply” section. network low complexity darwin CWE-79	6.1
2021-11-16	CVE-2021-25985	Insufficient Session Expiration vulnerability in Darwin Factor In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. network low complexity darwin CWE-613 critical	9.8

Vulnerabilities > Darwin {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Darwin"}]}