Vulnerabilities > Mmonit > Monit > 5.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-11454 | Cross-site Scripting vulnerability in multiple products Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. | 6.1 |
| 2018-09-10 | CVE-2016-7067 | Cross-Site Request Forgery (CSRF) vulnerability in Mmonit Monit Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. | 6.5 |