Skip to main content

Neon

4 CVEs product

Monthly

CVE-2020-23576 MEDIUM POC This Month

Laborator Neon dashboard v3 is affected by stored Cross Site Scripting (XSS) via the chat tab. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neon
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-13890 MEDIUM POC This Month

The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neon
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2019-20141 MEDIUM POC This Month

An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Neon
NVD
CVSS 3.1
6.1
EPSS
5.0%
CVE-2018-5258 MEDIUM This Month

The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Neon
NVD GitHub
CVSS 3.0
5.9
EPSS
0.9%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Laborator Neon dashboard v3 is affected by stored Cross Site Scripting (XSS) via the chat tab. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neon
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Neon
NVD
EPSS 5% CVSS 6.1
MEDIUM POC This Month

An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Neon
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy