Vulnerabilities > Lavalite > Lavalite > 5.7.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-13 | CVE-2019-18883 | Cross-site Scripting vulnerability in Lavalite 5.7.0 XSS exists in Lavalite CMS 5.7 via the admin/profile name or designation field. | 4.3 |
2019-10-10 | CVE-2019-17434 | Cross-site Scripting vulnerability in Lavalite LavaLite through 5.7 has XSS via a crafted account name that is mishandled on the Manage Clients screen. | 3.5 |