Vulnerabilities > Graphite Project > Graphite > 0.9.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-11 | CVE-2017-18638 | Server-Side Request Forgery (SSRF) vulnerability in Graphite Project Graphite send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. | 5.0 |
2013-09-27 | CVE-2013-5943 | Cross-Site Scripting vulnerability in Graphite Project Graphite Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |