Vulnerabilities > Uatech > Badaso > 2.4.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-30 | CVE-2023-38970 | Cross-site Scripting vulnerability in Uatech Badaso Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function. | 5.4 |
2023-08-29 | CVE-2023-38971 | Cross-site Scripting vulnerability in Uatech Badaso Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function. | 5.4 |