Vulnerabilities > Ymfe

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2021-36686	Cross-site Scripting vulnerability in Ymfe Yapi 1.9.1 Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page. network low complexity ymfe CWE-79	5.4
2021-03-01	CVE-2021-27884	Use of Insufficiently Random Values vulnerability in Ymfe Yapi Weak JSON Web Token (JWT) signing secret generation in YMFE YApi through 1.9.2 allows recreation of other users' JWT tokens. local low complexity ymfe CWE-330	5.1
2018-09-28	CVE-2018-17574	Cross-site Scripting vulnerability in Ymfe Yapi 1.3.22 An issue was discovered in YMFE YApi 1.3.23. network low complexity ymfe CWE-79	5.4

Vulnerabilities > Ymfe {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ymfe"}]}