Vulnerabilities > Valine JS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-19 | CVE-2022-38545 | Cross-site Scripting vulnerability in Valine.Js Valine 1.4.18 Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST request. | 9.6 |
2022-04-05 | CVE-2020-28847 | Cross-site Scripting vulnerability in Valine.Js Valine 1.4.14 Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment. | 5.4 |
2021-06-16 | CVE-2021-34801 | Unspecified vulnerability in Valine.Js Valine 1.4.14 Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the product and version. | 5.3 |
2018-11-15 | CVE-2018-19289 | Cross-site Scripting vulnerability in Valine.Js Valine 1.3.3 An issue was discovered in Valine v1.3.3. | 6.1 |