Vulnerabilities > Synel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-36778 | Cross-site Scripting vulnerability in Synel Eharmony 8.0.2.3 insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. | 5.4 |
| 2022-01-28 | CVE-2022-22791 | Cross-site Scripting vulnerability in Synel Eharmony 8.0.2.3 SYNEL - eharmony Authenticated Blind & Stored XSS. | 5.4 |
| 2021-12-08 | CVE-2021-36718 | Improper Authentication vulnerability in Synel Eharmonynew and Synel Reports SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data (Employee name, Employee ID number, Working hours etc') The vulnerabilety has been addressed and fixed on version 11. | 6.5 |