Vulnerabilities > Gchq

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2019-10779 Cross-site Scripting vulnerability in Gchq Stroom
All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting.
network
gchq CWE-79
4.3
2019-08-26 CVE-2019-15532 Cross-site Scripting vulnerability in Gchq Cyberchef
CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs.
network
gchq CWE-79
4.3
2018-08-20 CVE-2018-1000651 XXE vulnerability in Gchq Stroom
Stroom version <5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning.
network
low complexity
gchq CWE-611
7.5