Vulnerabilities > Microweber
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-2368 | Authentication Bypass by Spoofing vulnerability in Microweber Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20. | 9.8 |
| 2022-07-09 | CVE-2022-2353 | Cross-Site Request Forgery (CSRF) vulnerability in Microweber Prior to microweber/microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery, fetch contents from same-site and redirect a user. | 6.1 |
| 2022-07-04 | CVE-2022-2300 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. | 3.5 |
| 2022-07-01 | CVE-2022-2280 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19. | 3.5 |
| 2022-06-29 | CVE-2022-2252 | Open Redirect vulnerability in Microweber Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. | 5.8 |
| 2022-06-22 | CVE-2022-2174 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18. | 4.3 |
| 2022-06-20 | CVE-2022-2130 | Cross-site Scripting vulnerability in Microweber Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.17. | 4.3 |
| 2022-05-09 | CVE-2022-1631 | Incorrect Authorization vulnerability in Microweber Users Account Pre-Takeover or Users Account Takeover. | 8.8 |
| 2022-05-04 | CVE-2022-1584 | Cross-site Scripting vulnerability in Microweber Reflected XSS in GitHub repository microweber/microweber prior to 1.2.16. | 4.3 |
| 2022-05-04 | CVE-2022-1555 | Cross-site Scripting vulnerability in Microweber DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. | 4.3 |