Vulnerabilities > Smod
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2023-5378 | Cross-site Scripting vulnerability in multiple products Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. | 5.4 |
| 2023-10-10 | CVE-2023-4837 | Cross-Site Request Forgery (CSRF) vulnerability in Smod Smodbip SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. | 8.8 |