Vulnerabilities > Yunohost > Yunohost > 2.7.6

DATE CVE VULNERABILITY TITLE RISK
2018-12-04 CVE-2018-11348 Cross-site Scripting vulnerability in Yunohost
Two XSS vulnerabilities are located in the profile edition page of the user panel of the YunoHost 2.7.2 through 2.7.14 web application.
network
low complexity
yunohost CWE-79
5.4
5.4
2018-12-04 CVE-2018-11347 HTTP Response Splitting vulnerability in Yunohost
The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header Injection.
network
low complexity
yunohost CWE-113
8.8
8.8