Vulnerabilities > Immuta
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-15952 | Cross-site Scripting vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. | 9.0 |
| 2020-11-05 | CVE-2020-15951 | Cross-site Scripting vulnerability in Immuta 2.8.2 Immuta v2.8.2 accepts user-supplied project names without properly sanitizing the input, allowing attackers to inject arbitrary HTML content that is rendered as part of the application. | 6.1 |
| 2020-11-05 | CVE-2020-15950 | Insufficient Session Expiration vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout. | 8.8 |
| 2020-11-05 | CVE-2020-15949 | Improper Authentication vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by one instance of insecure permissions that can lead to user account takeover. | 7.5 |