Vulnerabilities > Talkyard

DATE CVE VULNERABILITY TITLE RISK
2022-01-03 CVE-2021-25981 Insufficient Session Expiration vulnerability in Talkyard
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration.
network
low complexity
talkyard CWE-613
critical
10.0
2021-11-11 CVE-2021-25980 Injection vulnerability in Talkyard
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection.
network
talkyard CWE-74
6.8