Vulnerabilities > Sakura > TS Webfonts

DATE CVE VULNERABILITY TITLE RISK
2023-07-21 CVE-2023-32624 Cross-site Scripting vulnerability in Sakura TS Webfonts
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
network
low complexity
sakura CWE-79
6.1
6.1
2023-07-21 CVE-2023-32625 Cross-Site Request Forgery (CSRF) vulnerability in Sakura TS Webfonts
Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page.
network
low complexity
sakura CWE-352
4.3
4.3