Vulnerabilities > Redhat > Pagure

DATE CVE VULNERABILITY TITLE RISK
2020-09-25 CVE-2019-11556 Cross-site Scripting vulnerability in multiple products
Pagure before 5.6 allows XSS via the templates/blame.html blame view.
network
low complexity
redhat opensuse CWE-79
6.1
6.1
2019-11-06 CVE-2016-1000037 Cross-site Scripting vulnerability in multiple products
Pagure: XSS possible in file attachment endpoint
network
low complexity
redhat fedoraproject CWE-79
6.1
6.1
2019-02-08 CVE-2019-7628 Information Exposure vulnerability in Redhat Pagure 5.2
Pagure 5.2 leaks API keys by e-mailing them to users.
network
high complexity
redhat CWE-200
5.9
5.9
2017-09-14 CVE-2017-1002151 Missing Authorization vulnerability in Redhat Pagure
Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization
network
low complexity
redhat CWE-862
7.5
7.5
2016-10-07 CVE-2016-1000007 Cross-site Scripting vulnerability in Redhat Pagure 2.2.1
Pagure 2.2.1 XSS in raw file endpoint
network
low complexity
redhat CWE-79
6.1
6.1