Vulnerabilities > Krpano
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-07 | CVE-2020-24901 | Cross-site Scripting vulnerability in Krpano The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url. | 6.1 |
2021-01-07 | CVE-2020-24900 | Cross-site Scripting vulnerability in Krpano The default installation of Krpano Panorama Viewer version <=1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml. | 6.1 |