Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45228 | 1 Coins-global | 1 Coins Construction Cloud | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| An XSS issue was discovered in COINS Construction Cloud 11.12. Due to insufficient neutralization of user input in the description of a task, it is possible to store malicious JavaScript code in the task description. This is later executed when it is reflected back to the user. | |||||
| CVE-2021-45227 | 1 Coins-global | 1 Coins Construction Cloud | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in COINS Construction Cloud 11.12. Due to an inappropriate use of HTML IFRAME elements, the file upload functionality is vulnerable to a persistent Cross-Site Scripting (XSS) attack. | |||||