Vulnerabilities > Liquidfiles

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-30	CVE-2023-4393	Injection vulnerability in Liquidfiles HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization. network low complexity liquidfiles CWE-74	6.1
2021-11-11	CVE-2021-43397	Insufficiently Protected Credentials vulnerability in Liquidfiles LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin. network low complexity liquidfiles CWE-522	8.8
2021-04-06	CVE-2021-30140	Cross-site Scripting vulnerability in Liquidfiles 3.4.15 LiquidFiles 3.4.15 has stored XSS through the "send email" functionality when sending a file via email to an administrator. network low complexity liquidfiles CWE-79	5.4
2020-11-25	CVE-2020-29072	Inclusion of Functionality from Untrusted Control Sphere vulnerability in Liquidfiles A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. network low complexity liquidfiles CWE-829	6.1
2020-11-25	CVE-2020-29071	Cross-site Scripting vulnerability in Liquidfiles An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. network low complexity liquidfiles CWE-79 critical	9.0

Vulnerabilities > Liquidfiles {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Liquidfiles"}]}