Webtareas Project Webtareas vulnerabilities
27 known vulnerabilities affecting webtareas_project/webtareas.
Total CVEs
27
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH6MEDIUM18
Vulnerabilities
Page 2 of 2
CVE-2022-44955P4MEDIUMCVSS 5.4v2.42022-12-02
CVE-2022-44955 [MEDIUM] CWE-79 CVE-2022-44955: webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat fun
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.
nvd
CVE-2021-36609P4MEDIUMCVSS 5.4v2.22022-06-16
CVE-2021-36609 [MEDIUM] CWE-79 CVE-2021-36609: Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/edi
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.
nvd
CVE-2021-36608P4MEDIUMCVSS 5.4v2.22022-06-16
CVE-2021-36608 [MEDIUM] CWE-79 CVE-2021-36608: Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproj
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.
nvd
CVE-2022-44959P4MEDIUMCVSS 5.4v2.42022-12-02
CVE-2022-44959 [MEDIUM] CWE-79 CVE-2022-44959: webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the componen
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
nvd
CVE-2022-44962P4MEDIUMCVSS 5.4v2.42022-12-02
CVE-2022-44962 [MEDIUM] CWE-79 CVE-2022-44962: webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the componen
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field.
nvd
CVE-2022-44960P4MEDIUMCVSS 5.4v2.42022-12-02
CVE-2022-44960 [MEDIUM] CWE-79 CVE-2022-44960: webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the componen
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.
nvd
CVE-2022-44961P4MEDIUMCVSS 5.4v2.42022-12-02
CVE-2022-44961 [MEDIUM] CWE-79 CVE-2022-44961: webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the componen
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
nvd
← Previous2 / 2