rochesecurity/Roche-CVEs

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-12834 ↗	Jul 16, 2019Tuesday, 16 July 2019, 18:15	—	4.3 MEDIUM
In HT2 Labs Learning Locker 3.15.1, it's possible to inject malicious HTML and JavaScript code into the DOM of the website via the PATH_INFO to the dashboards/ URI.
CVE-2017-11175 ↗	Jul 5, 2018Thursday, 5 July 2018, 18:29	6.1 MEDIUM	4.3 MEDIUM
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login.