Vulnerabilities > Owasp > Dependency Track > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-25 | CVE-2022-39351 | Cleartext Storage of Sensitive Information vulnerability in Owasp Dependency-Track Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. | 4.4 |
| 2019-07-29 | CVE-2019-1020007 | Cross-site Scripting vulnerability in Owasp Dependency-Track Dependency-Track before 3.5.1 allows XSS. | 5.4 |