Skip to main content

Projectforge

2 CVEs product

Monthly

CVE-2013-7251 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in ProjectForge before 5.3 allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) web/admin/, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Projectforge
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2013-7250 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in the JsonBuilder implementation in ProjectForge before 5.3 allows remote authenticated users to inject arbitrary web script or HTML via an autocompletion. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Java XSS Projectforge
NVD GitHub
CVSS 2.0
3.5
EPSS
0.2%
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in ProjectForge before 5.3 allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) web/admin/, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Projectforge
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in the JsonBuilder implementation in ProjectForge before 5.3 allows remote authenticated users to inject arbitrary web script or HTML via an autocompletion. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Java XSS Projectforge
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy