cbcvebase.

Aa Web Servant 12 Step Meeting List vulnerabilities

7 known vulnerabilities affecting aa_web_servant/12_step_meeting_list.

Total CVEs
7
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
MEDIUM7

Vulnerabilities

Page 1 of 1
CVE-2024-35693P1MEDIUMCVSS 6.1ExploitedPoC≤ 3.14.332024-06-08
CVE-2024-35693 [MEDIUM] CWE-79 CVE-2024-35693: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list.This issue affects 12 Step Meeting List: from n/a through <= 3.14.33.
nvd
CVE-2025-24582P3MEDIUMCVSS 5.3PoC≤ 3.16.52025-01-24
CVE-2025-24582 [MEDIUM] CWE-201 CVE-2025-24582: Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting Li Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5.
nvd
CVE-2026-39569P3MEDIUMCVSS 6.5≤ 3.19.92026-04-08
CVE-2026-39569 [MEDIUM] CWE-862 CVE-2026-39569: Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allo Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9.
nvd
CVE-2025-24580P3MEDIUMCVSS 6.5≤ 3.16.52025-01-24
CVE-2025-24580 [MEDIUM] CWE-862 CVE-2025-24580: Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allo Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5.
nvd
CVE-2025-24583P3MEDIUMCVSS 6.5≤ 3.16.52025-04-17
CVE-2025-24583 [MEDIUM] CWE-862 CVE-2025-24583: Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allo Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through <= 3.16.5.
nvd
CVE-2025-54054P4MEDIUMCVSS 6.5≤ 3.18.32025-08-14
CVE-2025-54054 [MEDIUM] CWE-79 CVE-2025-54054: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Stored XSS.This issue affects 12 Step Meeting List: from n/a through <= 3.18.3.
nvd
CVE-2026-39570P4MEDIUMCVSS 5.3≤ 3.19.92026-04-08
CVE-2026-39570 [MEDIUM] CWE-201 CVE-2026-39570: Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting Li Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through <= 3.19.9.
nvd