Vulnerabilities > Marmind
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-26507 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0 A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. | 7.8 |
| 2020-11-05 | CVE-2020-26505 | Cross-site Scripting vulnerability in Marmind 4.1.141.0 A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. | 6.1 |
| 2020-11-05 | CVE-2020-26506 | Incorrect Authorization vulnerability in Marmind 4.1.141.0 An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. | 4.3 |