Vulnerabilities > Marmind > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-26505 | Cross-site Scripting vulnerability in Marmind 4.1.141.0 A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. | 6.1 |
| 2020-11-05 | CVE-2020-26506 | Incorrect Authorization vulnerability in Marmind 4.1.141.0 An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. | 4.3 |