Rumpus

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CWE-20 Improper Input Validation. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Multiple CWE-352 Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.