Cyclos vulnerabilities
2 known vulnerabilities affecting cyclos/cyclos.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-31674P3MEDIUMCVSS 6.1PoC≥ 4.0.0, ≤ 4.14.72022-05-02
CVE-2021-31674 [MEDIUM] CWE-79 CVE-2021-31674: Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote una
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant.
nvd
CVE-2021-31673P3MEDIUMCVSS 6.1PoC≥ 4.0.0, ≤ 4.14.72022-05-02
CVE-2021-31673 [MEDIUM] CWE-79 CVE-2021-31673: A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 an
A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter.
nvd