francoisjacquet/rosariosis Security Advisories for v8.9.5 (9)
-
[LOW] RosarioSIS cross site scripting vulnerability
PKSA-8hrn-87xj-qc28 CVE-2024-3138 GHSA-r32g-w9cv-9fgc
Affected version: <=11.5.1
Reported by:
GitHub -
[HIGH] RosarioSIS Stores Sensitive Data in a Mechanism without Access Control
PKSA-bykd-vq9v-9sqg CVE-2023-2665 GHSA-36cm-h8gv-mg97
Affected version: <11.0
Reported by:
GitHub -
[MEDIUM] RosarioSIS vulnerable to CSV Injection
PKSA-sqbj-6c8j-qvsr CVE-2023-29918 GHSA-f8hp-grmr-pp7j
Affected version: <=10.8.4
Reported by:
GitHub -
[MEDIUM] RosarioSIS improper access control vulnerability
PKSA-k1fj-5hdp-gntb CVE-2023-2202 GHSA-g66v-3v62-g375
Affected version: <10.9.3
Reported by:
GitHub -
[HIGH] RosarioSIS Improper Access Control vulnerability
PKSA-qc8b-mrzj-39wp CVE-2023-0994 GHSA-prjg-28jg-m3p5
Affected version: <10.8.2
Reported by:
GitHub -
[HIGH] RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
PKSA-5nzc-47j6-mn9r CVE-2022-2714 GHSA-vh4m-mw8w-g4w8
Affected version: <10.1
Reported by:
GitHub -
[CRITICAL] SQL Injection in RosarioSIS
PKSA-v13h-dnwd-xy3k CVE-2022-2067 GHSA-3pqv-6pm3-g46j
Affected version: <9.0
Reported by:
GitHub -
[MEDIUM] Cross site scripting in francoisjacquet/rosariosis
PKSA-j5z9-4cf4-gxtr CVE-2022-2036 GHSA-4hpr-hh77-6q9p
Affected version: <9.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in RosarioSIS
PKSA-xdv7-7ydy-vf3g CVE-2022-1997 GHSA-wjh9-344g-vc49
Affected version: <9.0
Reported by:
GitHub