Vulnerabilities > Sonarsource > Sonarqube > 5.6.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-14 | CVE-2019-17579 | Cross-site Scripting vulnerability in Sonarsource Sonarqube SonarSource SonarQube before 7.8 has XSS in project links on account/projects. | 4.3 |
| 2018-12-14 | CVE-2018-19413 | Information Exposure vulnerability in Sonarsource Sonarqube A vulnerability in the API of SonarSource SonarQube before 7.4 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application. | 4.0 |