Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26276 | 1 Onenav Project | 1 Onenav | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. | |||||
| CVE-2021-38138 | 1 Onenav Project | 1 Onenav | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release. | |||||