RSS   Vulnerabilities for 'Simiki'   RSS

2021-08-27
 
CVE-2020-19000

CWE-79
 

 
Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary code via line 54 of the component 'simiki/blob/master/simiki/generators.py'.

 
 
CVE-2020-19001

CWE-77
 

 
Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component 'simiki/blob/master/simiki/config.py'.

 


Copyright 2024, cxsecurity.com

 

Back to Top