MVRC-ITSEC/CVEs

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51506 ↗	Aug 19, 2025Tuesday, 19 August 2025, 17:15	6.5 MEDIUM	—
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/lookup endpoint.
CVE-2022-44349 ↗	Sep 1, 2023Friday, 1 September 2023, 10:15	5.4 MEDIUM	—
NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).