Vulnerabilities > Elementalpath > Cognitoys Dino
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-08 | CVE-2017-18485 | Cross-Site Request Forgery (CSRF) vulnerability in Elementalpath Cognitoys Dino Firmware Cognitoys Dino devices allow profiles_add.html CSRF. | 5.8 |
| 2019-08-08 | CVE-2017-18484 | Cross-site Scripting vulnerability in Elementalpath Cognitoys Dino Firmware Cognitoys Dino devices allow XSS via the SSID. | 4.3 |