5.2.4

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-10	CVE-2019-17434	Cross-site Scripting vulnerability in Lavalite LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen. network lavalite CWE-79	3.5
2018-01-03	CVE-2017-1000467	Cross-site Scripting vulnerability in Lavalite 5.2.4 LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code. network lavalite CWE-79	3.5