Vulnerabilities > Onenav > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-12 CVE-2022-26276 Path Traversal vulnerability in Onenav 0.9.14
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.
network
low complexity
onenav CWE-22
5.3
5.3
2021-08-05 CVE-2021-38138 Cross-site Scripting vulnerability in Onenav 0.9.12
OneNav beta 0.9.12 allows XSS via the Add Link feature.
network
low complexity
onenav CWE-79
5.4
5.4