Vulnerabilities > Nette
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-04 | CVE-2022-21648 | Cross-site Scripting vulnerability in Nette Latte Latte is an open source template engine for PHP. | 6.1 |
2021-12-17 | CVE-2021-23803 | Incorrect Authorization vulnerability in Nette Latte This affects the package latte/latte before 2.10.6. | 9.8 |
2020-10-01 | CVE-2020-15227 | Code Injection vulnerability in multiple products Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. | 9.8 |