Vulnerabilities > Rukovoditel > Rukovoditel > 2.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-07 | CVE-2019-7541 | Cross-site Scripting vulnerability in Rukovoditel Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring. | 4.3 |
| 2019-02-05 | CVE-2019-7400 | Cross-site Scripting vulnerability in Rukovoditel Rukovoditel before 2.4.1 allows XSS. | 6.1 |
| 2019-01-02 | CVE-2018-20166 | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.3.1 A file-upload vulnerability exists in Rukovoditel 2.3.1. | 6.5 |