Vulnerabilities > I Doit > I Doit > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-02-11 | CVE-2014-1237 | Cross-Site Scripting vulnerability in I-Doit Cross-site scripting (XSS) vulnerability in synetics i-doit pro before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the call parameter. | 4.3 |
| 2014-02-11 | CVE-2013-1413 | Cross-Site Scripting vulnerability in I-Doit 0.9.9/1.0/1.0.2 Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |