Vulnerabilities (CVE)

Filtered by vendor Tasmota Project Subscribe
Filtered by product Tasmota
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36603 1 Tasmota Project 1 Tasmota 2024-02-28 N/A 6.1 MEDIUM
Cross Site Scripting (XSS) in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1".
CVE-2022-43294 1 Tasmota Project 1 Tasmota 2024-02-28 N/A 9.8 CRITICAL
Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp.