Vulnerabilities > Squaredup

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2020-9390 Cross-site Scripting vulnerability in Squaredup
SquaredUp allowed Stored XSS before version 4.6.0.
network
low complexity
squaredup CWE-79
5.4
2021-02-03 CVE-2020-9389 Information Exposure Through Discrepancy vulnerability in Squaredup 4.6
A username enumeration issue was discovered in SquaredUp before version 4.6.0.
network
high complexity
squaredup CWE-203
3.7
2021-02-03 CVE-2020-9388 Cross-Site Request Forgery (CSRF) vulnerability in Squaredup 4.6
CSRF protection was not present in SquaredUp before version 4.6.0.
network
low complexity
squaredup CWE-352
6.5