Vulnerabilities (CVE)

Filtered by vendor Viva-project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-39172 1 Viva-project 1 Openviva 2024-11-21 N/A 5.4 MEDIUM
A stored XSS in the process overview (bersicht zugewiesener Vorgaenge) in mbsupport openVIVA c2 20220101 allows a remote, authenticated, low-privileged attacker to execute arbitrary code in the victim's browser via name field of a process.