Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-17086 | 1 Inedo | 1 Otter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor. | |||||
CVE-2017-15607 | 1 Inedo | 1 Otter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181. |