Vulnerabilities > Thingsboard > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-15 | CVE-2022-40004 | Cross-site Scripting vulnerability in Thingsboard 3.4.1 Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log. | 9.6 |