Vulnerabilities > Springbootmovie Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2022-28588 | Cross-site Scripting vulnerability in Springbootmovie Project Springbootmovie 1.0/1.1/1.2 In SpringBootMovie <=1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS. | 3.5 |
| 2022-05-03 | CVE-2022-29001 | Unrestricted Upload of File with Dangerous Type vulnerability in Springbootmovie Project Springbootmovie 1.0/1.1/1.2 In SpringBootMovie <=1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability | 6.5 |