Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23634 | 1 Documize | 1 Documize | 2024-11-21 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint. | |||||
| CVE-2019-19619 | 1 Documize | 1 Documize | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| domain/section/markdown/markdown.go in Documize before 3.5.1 mishandles untrusted Markdown content. This was addressed by adding the bluemonday HTML sanitizer to defend against XSS. | |||||