Vulnerabilities > Status > Statusnet > 1.1.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-20 CVE-2010-4659 Cross-site Scripting vulnerability in Status Statusnet
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.
network
status CWE-79
4.3
4.3
2019-11-20 CVE-2010-4660 Improper Input Validation vulnerability in Status Statusnet
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..
network
low complexity
status CWE-20
7.5
7.5
2013-10-11 CVE-2013-4137 SQL Injection vulnerability in Status Statusnet 1.0.0/1.0.1/1.1.0
Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."
network
low complexity
status CWE-89
7.5
7.5