Vulnerabilities > Priority Software > Priority > 22.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-20 CVE-2024-41697 Cross-site Scripting vulnerability in Priority-Software Priority 19.1.0.68/22.0
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
network
low complexity
priority-software CWE-79
6.1
6.1
2024-08-20 CVE-2024-41698 Information Exposure vulnerability in Priority-Software Priority 19.1.0.68/22.0
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
priority-software CWE-200
7.5
7.5
2024-08-20 CVE-2024-41699 Files or Directories Accessible to External Parties vulnerability in Priority-Software Priority 19.1.0.68/22.0
Priority – CWE-552: Files or Directories Accessible to External Parties
network
low complexity
priority-software CWE-552
7.5
7.5
2023-02-15 CVE-2023-23459 SQL Injection vulnerability in Priority-Software Priority 19.1.0.68/22.0
Priority Windows may allow Command Execution via SQL Injection using an unspecified method.
network
low complexity
priority-software CWE-89
critical
 9.8
9.8