Vulnerabilities > Rockoa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2024-48213 | Path Traversal vulnerability in Rockoa Xinhu 2.6.5 RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php. | 4.3 |
| 2024-06-17 | CVE-2024-37624 | Cross-site Scripting vulnerability in Rockoa Xinhu 2.6.3 Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php. | 6.1 |
| 2021-01-26 | CVE-2020-21147 | Cross-site Scripting vulnerability in Rockoa 1.9.8 RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerability which allows remote attackers to send malicious code to the administrator and execute JavaScript code, because webmain/flow/input/mode_emailmAction.php does not perform strict filtering. | 4.8 |