Vulnerabilities > Scadabr > Scadabr > 1.0ce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-14 | CVE-2019-16344 | Cross-site Scripting vulnerability in Scadabr 1.0Ce A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter. | 4.3 |
| 2019-09-15 | CVE-2019-16321 | Cross-site Scripting vulnerability in Scadabr 1.0Ce/1.1.0 ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO. | 4.3 |