Vulnerabilities > Marmind

DATE CVE VULNERABILITY TITLE RISK
2020-11-05 CVE-2020-26507 Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0
A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers.
network
marmind CWE-1236
critical
9.3
2020-11-05 CVE-2020-26505 Cross-site Scripting vulnerability in Marmind 4.1.141.0
A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code.
network
marmind CWE-79
4.3
2020-11-05 CVE-2020-26506 Missing Authorization vulnerability in Marmind 4.1.141.0
An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users.
network
low complexity
marmind CWE-862
4.0