Vulnerabilities > Rukovoditel > Rukovoditel > 2.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-07 | CVE-2019-7541 | Cross-site Scripting vulnerability in Rukovoditel Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring. | 4.3 |
| 2019-02-05 | CVE-2019-7400 | Cross-site Scripting vulnerability in Rukovoditel Rukovoditel before 2.4.1 allows XSS. | 6.1 |