Vulnerabilities > Elabftw
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-31 | CVE-2022-31007 | Unspecified vulnerability in Elabftw eLabFTW is an electronic lab notebook manager for research teams. | 6.5 |
| 2021-12-16 | CVE-2021-43833 | Improper Authentication vulnerability in Elabftw eLabFTW is an electronic lab notebook manager for research teams. | 6.5 |
| 2021-12-16 | CVE-2021-43834 | Improper Authentication vulnerability in Elabftw eLabFTW is an electronic lab notebook manager for research teams. | 6.5 |
| 2021-10-22 | CVE-2021-41171 | Improper Restriction of Excessive Authentication Attempts vulnerability in Elabftw eLabFTW is an open source electronic lab notebook manager for research teams. | 4.0 |
| 2021-06-21 | CVE-2021-32698 | Server-Side Request Forgery (SSRF) vulnerability in Elabftw eLabFTW is an open source electronic lab notebook for research labs. | 4.0 |
| 2019-05-20 | CVE-2019-12185 | Unrestricted Upload of File with Dangerous Type vulnerability in Elabftw 1.8.5 eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. | 8.8 |
| 2018-01-03 | CVE-2017-1000478 | Cross-site Scripting vulnerability in Elabftw 1.7.8 ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary execution of JavaScript and denial of service. | 3.5 |