Vulnerabilities > Domoticz
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2020-21990 | Incorrect Authorization vulnerability in Domoticz Mydomoathome 0.240 Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. | 5.0 |
| 2019-08-23 | CVE-2019-15480 | Cross-site Scripting vulnerability in Domoticz 4.10717 Domoticz 4.10717 has XSS via item.Name. | 3.5 |
| 2019-03-31 | CVE-2019-10678 | CRLF Injection vulnerability in Domoticz Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. | 5.0 |
| 2019-03-31 | CVE-2019-10664 | SQL Injection vulnerability in Domoticz Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp. | 7.5 |