Vulnerabilities > Thingsboard > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-01 | CVE-2024-9358 | Unspecified vulnerability in Thingsboard A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. | 5.9 |
| 2024-04-03 | CVE-2024-3270 | Unspecified vulnerability in Thingsboard A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. | 6.5 |
| 2022-09-13 | CVE-2022-31861 | Cross-site Scripting vulnerability in Thingsboard Cross site Scripting (XSS) in ThingsBoard IoT Platform through 3.3.4.1 via a crafted value being sent to the audit logs. | 5.4 |
| 2022-08-12 | CVE-2021-42750 | Cross-site Scripting vulnerability in Thingsboard 3.3.1 A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the title of a rule node. | 4.8 |
| 2022-08-12 | CVE-2021-42751 | Cross-site Scripting vulnerability in Thingsboard 3.3.1 A cross-site scripting (XSS) vulnerability in Rule Engine in ThingsBoard 3.3.1 allows remote attackers (with administrative access) to inject arbitrary JavaScript within the description of a rule node. | 4.8 |