Vulnerabilities > ENS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-19511 | Cross-Site Request Forgery (CSRF) vulnerability in ENS Webgalamb 7.0 wg7.php in Webgalamb 7.0 lacks security measures to prevent CSRF attacks, as demonstrated by wg7.php?options=1 to change the administrator password. | 6.5 |
| 2019-03-21 | CVE-2018-19509 | Cross-site Scripting vulnerability in ENS Webgalamb 7.0 wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars() instead of using a templating engine with proper contextual encoding. | 6.1 |