Vulnerabilities (CVE)

Filtered by vendor Springbootmovie Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29001 1 Springbootmovie Project 1 Springbootmovie 2024-11-21 6.5 MEDIUM 7.2 HIGH
In SpringBootMovie <=1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability
CVE-2022-28588 1 Springbootmovie Project 1 Springbootmovie 2024-11-21 3.5 LOW 5.4 MEDIUM
In SpringBootMovie <=1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS.