Vulnerabilities > Nette

DATE CVE VULNERABILITY TITLE RISK
2022-01-04 CVE-2022-21648 Cross-site Scripting vulnerability in Nette Latte
Latte is an open source template engine for PHP.
network
low complexity
nette CWE-79
6.1
2021-12-17 CVE-2021-23803 Incorrect Authorization vulnerability in Nette Latte
This affects the package latte/latte before 2.10.6.
network
low complexity
nette CWE-863
critical
9.8
2020-10-01 CVE-2020-15227 Code Injection vulnerability in multiple products
Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE.
network
low complexity
nette debian CWE-94
critical
9.8