VYPR

Panorama Viewer

by Krpano

CVEs (2)

  • CVE-2020-24901MedJan 7, 2021
    risk 0.40cvss 6.1epss 0.01

    The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url.

  • CVE-2020-24900MedJan 7, 2021
    risk 0.40cvss 6.1epss 0.01

    The default installation of Krpano Panorama Viewer version <=1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml.