Vulnerabilities > Storytlr
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-13 | CVE-2014-100038 | Cross-site Scripting vulnerability in Storytlr 1.3 Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/. | 4.3 |
2015-01-13 | CVE-2014-100037 | Cross-site Scripting vulnerability in Storytlr 1.3 Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to archives/. | 4.3 |