Vulnerabilities > Gridea > Gridea > 0.8.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-13 | CVE-2019-12047 | Cross-site Scripting vulnerability in Gridea 0.8.0 Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "<img src=# onerror='eval(new Buffer(" substring. | 4.3 |