Vulnerabilities > Liquidfiles > Liquidfiles > 3.5.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-4393 | Injection vulnerability in Liquidfiles HTML and SMTP injections on the registration page of LiquidFiles versions 3.7.13 and below, allow an attacker to perform more advanced phishing attacks against an organization. | 6.1 |
| 2021-11-11 | CVE-2021-43397 | Insufficiently Protected Credentials vulnerability in Liquidfiles LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin. | 8.8 |