Vulnerabilities > Gurock > Testrail > 7.1.2

DATE CVE VULNERABILITY TITLE RISK
2021-12-20 CVE-2021-44263 Cross-site Scripting vulnerability in Gurock Testrail
Gurock TestRail before 7.2.4 mishandles HTML escaping.
network
low complexity
gurock CWE-79
5.4
5.4
2021-09-22 CVE-2021-40875 Forced Browsing vulnerability in Gurock Testrail
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure.
network
low complexity
gurock CWE-425
7.5
7.5