Vulnerabilities > Websvn > Websvn > 2.3.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2021-32305 | OS Command Injection vulnerability in Websvn WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. | 10.0 |
| 2016-04-07 | CVE-2016-2511 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php. | 4.3 |
| 2015-01-21 | CVE-2013-6892 | Information Exposure vulnerability in multiple products WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit. | 3.5 |