francoisjacquet/rosariosis Security Advisories for 9.1.x-dev (6)
-
[LOW] RosarioSIS cross site scripting vulnerability
PKSA-8hrn-87xj-qc28 CVE-2024-3138 GHSA-r32g-w9cv-9fgc
Affected version: <=11.5.1
Reported by:
GitHub -
[HIGH] RosarioSIS Stores Sensitive Data in a Mechanism without Access Control
PKSA-bykd-vq9v-9sqg CVE-2023-2665 GHSA-36cm-h8gv-mg97
Affected version: <11.0
Reported by:
GitHub -
[MEDIUM] RosarioSIS vulnerable to CSV Injection
PKSA-sqbj-6c8j-qvsr CVE-2023-29918 GHSA-f8hp-grmr-pp7j
Affected version: <=10.8.4
Reported by:
GitHub -
[MEDIUM] RosarioSIS improper access control vulnerability
PKSA-k1fj-5hdp-gntb CVE-2023-2202 GHSA-g66v-3v62-g375
Affected version: <10.9.3
Reported by:
GitHub -
[HIGH] RosarioSIS Improper Access Control vulnerability
PKSA-qc8b-mrzj-39wp CVE-2023-0994 GHSA-prjg-28jg-m3p5
Affected version: <10.8.2
Reported by:
GitHub -
[HIGH] RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
PKSA-5nzc-47j6-mn9r CVE-2022-2714 GHSA-vh4m-mw8w-g4w8
Affected version: <10.1
Reported by:
GitHub