Vulnerabilities (CVE)

Filtered by vendor Remark42 Subscribe
Filtered by product Remark42
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-45966 1 Remark42 1 Remark42 2024-09-12 N/A 7.5 HIGH
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability.
CVE-2021-29271 1 Remark42 1 Remark42 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.