Max CVSS | 3.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-15213 | 3.5 |
Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field to themes/CleanFS/templates/common.editallusers.tpl.
|
27-10-2017 - 18:54 | 11-10-2017 - 01:32 | |
CVE-2017-15214 | 3.5 |
Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title,
|
27-10-2017 - 18:54 | 11-10-2017 - 01:32 |