Notrinos Notrinoserp vulnerabilities
4 known vulnerabilities affecting notrinos/notrinos_notrinoserp.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-2921P3HIGHCVSS 8.8≥ unspecified, < 0.72022-08-21
CVE-2022-2921 [HIGH] CWE-359 CVE-2022-2921: Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notr
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate
nvd
CVE-2022-2927P3CRITICALCVSS 9.8≥ unspecified, < 0.72022-08-22
CVE-2022-2927 [CRITICAL] CWE-521 CVE-2022-2927: Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
nvd
CVE-2022-2871P4MEDIUMCVSS 5.4≥ unspecified, < 0.72022-08-17
CVE-2022-2871 [MEDIUM] CWE-79 CVE-2022-2871: Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.
Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.
nvd
CVE-2022-2965P4MEDIUMCVSS 4.3≥ unspecified, < 0.72022-08-23
CVE-2022-2965 [MEDIUM] CWE-1021 CVE-2022-2965: Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.
nvd