Vulnerabilities > Wwbn > Avideo > 11.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-47171 | Unspecified vulnerability in Wwbn Avideo 11.6/15Fed957Fb An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. | 6.5 |
| 2024-01-10 | CVE-2023-47861 | Cross-site Scripting vulnerability in Wwbn Avideo 11.6/15Fed957Fb A cross-site scripting (xss) vulnerability exists in the channelBody.php user name functionality of WWBN AVideo 11.6 and dev master commit 15fed957fb. | 5.4 |
| 2024-01-10 | CVE-2023-48728 | Cross-site Scripting vulnerability in Wwbn Avideo 11.6/3C6Bb3Ff A cross-site scripting (xss) vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11.6 and dev master commit 3c6bb3ff. | 6.1 |
| 2023-05-12 | CVE-2023-32073 | Unspecified vulnerability in Wwbn Avideo WWBN AVideo is an open source video platform. | 8.8 |
| 2023-05-08 | CVE-2023-30860 | Unspecified vulnerability in Wwbn Avideo WWBN AVideo is an open source video platform. | 5.4 |
| 2023-04-28 | CVE-2023-30854 | Unspecified vulnerability in Wwbn Avideo AVideo is an open source video platform. | 8.8 |
| 2023-04-25 | CVE-2023-25313 | OS Command Injection vulnerability in Wwbn Avideo OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video link feature. | 9.8 |
| 2023-04-25 | CVE-2023-25314 | Cross-site Scripting vulnerability in Wwbn Avideo Cross Site Scripting (XSS) vulnerability in World Wide Broadcast Network AVideo before 12.4, allows attackers to gain sensitive information via the success parameter to /user. | 6.1 |
| 2022-08-22 | CVE-2022-26842 | Unspecified vulnerability in Wwbn Avideo 11.6 A reflected cross-site scripting (xss) vulnerability exists in the charts tab selection functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. | 9.6 |
| 2022-08-22 | CVE-2022-28710 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6 An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. | 6.5 |