Vulnerabilities > Nagvis > Nagvis > 1.4.4

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2023-46287 Cross-site Scripting vulnerability in Nagvis
XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php.
network
low complexity
nagvis CWE-79
6.1
2023-05-26 CVE-2022-46945 Path Traversal vulnerability in Nagvis
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.
network
low complexity
nagvis CWE-22
6.5
2022-11-13 CVE-2022-3979 Incorrect Type Conversion or Cast vulnerability in Nagvis
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic.
network
high complexity
nagvis CWE-704
8.1