Vulnerabilities > Zucchetti > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-30 | CVE-2019-18207 | Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1 In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. | 5.4 |
| 2019-10-30 | CVE-2019-18205 | Cross-site Scripting vulnerability in Zucchetti Infobusiness 4.4.1 Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1. | 6.1 |