Vulnerabilities > Sakura > TS Webfonts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-21 | CVE-2023-32624 | Cross-site Scripting vulnerability in Sakura TS Webfonts Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. | 6.1 |
2023-07-21 | CVE-2023-32625 | Cross-Site Request Forgery (CSRF) vulnerability in Sakura TS Webfonts Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page. | 4.3 |