Vulnerabilities > Openmaint
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2021-27695 | Cross-site Scripting vulnerability in Openmaint 2.13.3B Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters. | 6.1 |
| 2021-01-26 | CVE-2020-24549 | Unrestricted Upload of File with Dangerous Type vulnerability in Openmaint openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server. | 8.8 |