Vulnerabilities > Lavalite > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-05 | CVE-2018-16551 | Cross-site Scripting vulnerability in Lavalite 5.5.0 LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit. | 5.4 |
| 2018-01-03 | CVE-2017-1000467 | Cross-site Scripting vulnerability in Lavalite 5.2.4 LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code. | 5.4 |