Vulnerabilities > Projectpier > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-07 | CVE-2013-3637 | Cross-site Scripting vulnerability in Projectpier 0.8.8 ProjectPier 0.8.8 does not use the Secure flag for cookies | 5.4 |
| 2020-02-07 | CVE-2013-3636 | Cross-site Scripting vulnerability in Projectpier 0.8.8 ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag | 5.4 |
| 2020-02-07 | CVE-2013-3635 | Cross-site Scripting vulnerability in Projectpier 0.8.8 ProjectPier 0.8.8 has stored XSS | 5.4 |
| 2018-02-02 | CVE-2015-2796 | Cross-site Scripting vulnerability in Projectpier 0.8.8 Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the search_for parameter to (1) search_by_tag.php, (2) search_contacts.php, or (3) search.php. | 6.1 |