Onenav

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-28097 MEDIUM POC This Month

OneNav 1.1.0 is vulnerable to Cross Site Scripting (XSS) in custom headers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Onenav

NVD

CVSS 3.1

5.5

EPSS

0.2%

CVE-2025-28096 MEDIUM POC This Month

OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Onenav

NVD

CVSS 3.1

5.4

EPSS

0.1%

CVE-2025-28097

EPSS 0% CVSS 5.5

MEDIUM POC This Month

OneNav 1.1.0 is vulnerable to Cross Site Scripting (XSS) in custom headers. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Onenav

NVD

CVE-2025-28096

EPSS 0% CVSS 5.4

MEDIUM POC This Month

OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Onenav

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy