Vulnerabilities > Tasmota Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-09 | CVE-2021-36603 | Cross-site Scripting vulnerability in Tasmota Project Tasmota 6.5.0 Cross Site Scripting (XSS) in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1". | 6.1 |
2022-11-14 | CVE-2022-43294 | Out-of-bounds Write vulnerability in Tasmota Project Tasmota Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp. | 9.8 |