Vulnerabilities > Opmantek > Open Audit > 1.6.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2021-44916 | Cross-site Scripting vulnerability in Opmantek Open-Audit Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. | 6.1 |
| 2021-01-20 | CVE-2021-3130 | Unspecified vulnerability in Opmantek Open-Audit Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. | 5.9 |
| 2019-09-13 | CVE-2019-16293 | OS Command Injection vulnerability in Opmantek Open-Audit The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field. | 8.8 |
| 2018-07-06 | CVE-2018-11124 | Cross-site Scripting vulnerability in Opmantek Open-Audit Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute. | 5.4 |