Vulnerabilities > Homeautomation Project > Homeautomation > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-27 CVE-2020-21998 Open Redirect vulnerability in Homeautomation Project Homeautomation 3.3.2
In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users.
network
low complexity
homeautomation-project CWE-601
6.1
6.1
2021-04-27 CVE-2020-21987 Cross-site Scripting vulnerability in Homeautomation Project Homeautomation 3.3.2
HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (XSS).
network
low complexity
homeautomation-project CWE-79
6.1
6.1