Vulnerabilities > Thinksaas > Thinksaas > 2.91
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2020-35337 | SQL Injection vulnerability in Thinksaas 2.6/2.91 ThinkSAAS before 3.38 contains a SQL injection vulnerability through app/topic/action/admin/topic.php via the title parameter, which allows remote attackers to execute arbitrary SQL commands. | 7.5 |
| 2019-09-21 | CVE-2019-16665 | Cross-site Scripting vulnerability in Thinksaas 2.91 An issue was discovered in ThinkSAAS 2.91. | 4.3 |
| 2019-09-21 | CVE-2019-16664 | Cross-site Scripting vulnerability in Thinksaas 2.91 An issue was discovered in ThinkSAAS 2.91. | 3.5 |