Vulnerabilities > Kodcloud > Kodexplorer > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-19 CVE-2023-49489 Cross-site Scripting vulnerability in Kodcloud Kodexplorer 4.51
Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.
network
low complexity
kodcloud CWE-79
6.1
2023-09-06 CVE-2021-36646 Cross-site Scripting vulnerability in Kodcloud Kodexplorer 4.45
A Cross Site Scrtpting (XSS) vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page.
network
low complexity
kodcloud CWE-79
6.1
2023-07-10 CVE-2023-37153 Cross-site Scripting vulnerability in Kodcloud Kodexplorer 4.51
KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature.
network
low complexity
kodcloud CWE-79
6.1