Vulnerabilities > Greenbone > Greenbone Security Assistant > 2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-21	CVE-2018-25016	Injection vulnerability in Greenbone Security Assistant Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection. network low complexity greenbone CWE-74	7.5
2021-06-21	CVE-2019-25047	Cross-site Scripting vulnerability in Greenbone Security Assistant Greenbone Security Assistant (GSA) before 8.0.2 and Greenbone OS (GOS) before 5.0.10 allow XSS during 404 URL handling in gsad. network greenbone CWE-79	4.3
2011-01-28	CVE-2011-0650	Cross-Site Request Forgery (CSRF) vulnerability in Greenbone Security Assistant 2.0 Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) before 2.0+rc3 allows remote attackers to hijack the authentication of users for requests that send email via an OMP request to OpenVAS Manager. network greenbone CWE-352	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.