Vulnerabilities > Lavalite > Lavalite > 5.2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-10 | CVE-2019-17434 | Cross-site Scripting vulnerability in Lavalite LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen. | 3.5 |
2018-01-03 | CVE-2017-1000467 | Cross-site Scripting vulnerability in Lavalite 5.2.4 LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code. | 3.5 |