Vulnerabilities > Oroinc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-28 | CVE-2023-32063 | Improper Access Control vulnerability in Oroinc Client Relationship Management OroCalendarBundle enables a Calendar feature and related functionality in Oro applications. | 5.0 |
| 2023-11-28 | CVE-2023-32064 | Improper Access Control vulnerability in Oroinc Orocommerce OroCommerce package with customer portal and non authenticated visitor website base features. | 4.3 |
| 2023-11-28 | CVE-2023-32065 | Improper Access Control vulnerability in Oroinc Orocommerce OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. | 5.8 |
| 2023-11-27 | CVE-2023-32062 | Improper Access Control vulnerability in Oroinc Oroplatform OroPlatform is a package that assists system and user calendar management. | 4.3 |
| 2023-11-27 | CVE-2022-41951 | Path Traversal vulnerability in Oroinc Oroplatform OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. | 9.8 |
| 2023-10-09 | CVE-2022-35950 | Cross-site Scripting vulnerability in Oroinc Orocommerce OroCommerce is an open-source Business to Business Commerce application. | 4.8 |
| 2022-10-18 | CVE-2022-31037 | Cross-site Scripting vulnerability in Oroinc Orocommerce OroCommerce is an open-source Business to Business Commerce application. | 5.4 |
| 2022-01-04 | CVE-2021-43852 | Unspecified vulnerability in Oroinc Oroplatform OroPlatform is a PHP Business Application Platform. | 8.8 |
| 2022-01-04 | CVE-2021-41236 | Cross-site Scripting vulnerability in Oroinc Oroplatform OroPlatform is a PHP Business Application Platform. | 4.8 |
| 2021-11-19 | CVE-2021-39198 | Cross-Site Request Forgery (CSRF) vulnerability in Oroinc Client Relationship Management OroCRM is an open source Client Relationship Management (CRM) application. | 5.4 |