Vulnerabilities > Labkey

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-29	CVE-2019-9926	Cross-Site Request Forgery (CSRF) vulnerability in Labkey Server 19.1.0 An issue was discovered in LabKey Server 19.1.0. network labkey CWE-352	6.8
2019-10-29	CVE-2019-9758	Cross-site Scripting vulnerability in Labkey Server 19.1.0 An issue was discovered in LabKey Server 19.1.0. network labkey CWE-79	3.5
2019-10-29	CVE-2019-9757	XXE vulnerability in Labkey Server 19.1.0 An issue was discovered in LabKey Server 19.1.0. network low complexity labkey CWE-611	5.0
2019-01-30	CVE-2019-3913	OS Command Injection vulnerability in Labkey Server Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service. network low complexity labkey CWE-78	4.0
2019-01-30	CVE-2019-3912	Open Redirect vulnerability in Labkey Server An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites. network low complexity labkey CWE-601	6.1
2019-01-30	CVE-2019-3911	Cross-site Scripting vulnerability in Labkey Server Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror parameter in the /__r2/query endpoints. network low complexity labkey CWE-79	6.1

Vulnerabilities > Labkey {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Labkey"}]}