Vulnerabilities > Liquidfiles > Liquidfiles > 2.4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-4393 | Injection vulnerability in Liquidfiles HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization. | 6.1 |
| 2021-11-11 | CVE-2021-43397 | Insufficiently Protected Credentials vulnerability in Liquidfiles LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin. | 9.0 |
| 2020-11-25 | CVE-2020-29072 | Cross-site Scripting vulnerability in Liquidfiles A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. | 4.3 |
| 2020-11-25 | CVE-2020-29071 | Cross-site Scripting vulnerability in Liquidfiles An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. | 8.5 |