Vulnerabilities > Krpano

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-24901 Cross-site Scripting vulnerability in Krpano
The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url.
network
low complexity
krpano CWE-79
6.1
2021-01-07 CVE-2020-24900 Cross-site Scripting vulnerability in Krpano
The default installation of Krpano Panorama Viewer version <=1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml.
network
low complexity
krpano CWE-79
6.1