Vulnerabilities > Uatech > Badaso > 2.0.2

DATE CVE VULNERABILITY TITLE RISK
2023-08-30 CVE-2023-38970 Cross-site Scripting vulnerability in Uatech Badaso
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function.
network
low complexity
uatech CWE-79
5.4
5.4
2023-08-29 CVE-2023-38971 Cross-site Scripting vulnerability in Uatech Badaso
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.
network
low complexity
uatech CWE-79
5.4
5.4