Vulnerabilities (CVE)

Filtered by vendor Fusiondirectory Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36180 1 Fusiondirectory 1 Fusiondirectory 2024-11-21 N/A 9.6 CRITICAL
Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.
CVE-2022-36179 1 Fusiondirectory 1 Fusiondirectory 2024-11-21 N/A 9.8 CRITICAL
Fusiondirectory 1.3 suffers from Improper Session Handling.