RSS   Vulnerabilities for 'Opentrade'   RSS

2020-01-11
 
CVE-2020-6847

CWE-79
 
 
OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript.

 
2019-11-25
 
CVE-2019-19250

CWE-89
 
 
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js.

 

Copyright 2024, cxsecurity.com

 

Back to Top