Vulnerabilities > Opmantek > Open Audit > 2.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-20 | CVE-2021-44916 | Cross-site Scripting vulnerability in Opmantek Open-Audit Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. | 4.3 |
| 2021-01-20 | CVE-2021-3130 | Unspecified vulnerability in Opmantek Open-Audit Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. network opmantek | 4.3 |
| 2019-09-13 | CVE-2019-16293 | OS Command Injection vulnerability in Opmantek Open-Audit The Create Discoveries feature of Open-AudIT before 3.2.0 allows an authenticated attacker to execute arbitrary OS commands via a crafted value for a URL field. | 6.5 |
| 2018-09-19 | CVE-2018-16607 | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.7 Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field. | 3.5 |