Filtered by vendor Fava Project
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2589 | 1 Fava Project | 1 Fava | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3. | |||||
| CVE-2022-2523 | 1 Fava Project | 1 Fava | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2. | |||||
| CVE-2022-2514 | 1 Fava Project | 1 Fava | 2024-11-21 | N/A | 6.1 MEDIUM |
| The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim. | |||||