Vulnerabilities > Opmantek > Open Audit > Low

DATE CVE VULNERABILITY TITLE RISK
2020-04-28 CVE-2020-12261 Cross-site Scripting vulnerability in Opmantek Open-Audit 3.3.0
Open-AudIT 3.3.0 allows an XSS attack after login.
network
opmantek CWE-79
3.5
2018-09-19 CVE-2018-16607 Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.7
Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field.
network
opmantek CWE-79
3.5
2018-07-06 CVE-2018-11124 Cross-site Scripting vulnerability in Opmantek Open-Audit
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.
network
opmantek CWE-79
3.5
2018-05-10 CVE-2018-10314 Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.0
Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section.
network
opmantek CWE-79
3.5