xiweicheng/tms

xiweicheng/tms

Releases25

Frequency2 months 2 days

Last Release about 5 years ago

Stars385

基于频道模式的团队沟通协作+轻量级任务看板，支持mardown、富文本、在线表格和思维导图的团队博文wiki，i18n国际化翻译管理的响应式web开源团队协作系统。

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-50630 ↗	Jan 4, 2024Thursday, 4 January 2024, 08:15	6.1 MEDIUM	—
Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function.
CVE-2022-26246 ↗	Mar 20, 2022Sunday, 20 March 2022, 19:15	6.1 MEDIUM	4.3 MEDIUM
TMS v2.28.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /TMS/admin/setting/mail/createorupdate.
CVE-2022-26247 ↗	Mar 20, 2022Sunday, 20 March 2022, 19:15	5.9 MEDIUM	4.3 MEDIUM
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user/Update2. This vulnerability allows attackers to modify the administrator account and password.