Vulnerabilities > Lavalite > Lavalite > 5.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-17434 | Cross-site Scripting vulnerability in Lavalite LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen. | 3.5 |
| 2018-09-05 | CVE-2018-16551 | Cross-site Scripting vulnerability in Lavalite 5.5.0 LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit. | 3.5 |