Notrinos/notrinoserp

CVEs (4)

CVE	Vendor / Product	CVSS	Published	Description
CVE-2022-2965	Notrinos Notrinos/notrinoserp	—	Aug 23, 2022	Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2927	Notrinos Notrinos/notrinoserp	—	Aug 22, 2022	Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2921	Notrinos Notrinos/notrinoserp	—	Aug 21, 2022	Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.
CVE-2022-2871	Notrinos Notrinos/notrinoserp	—	Aug 17, 2022	Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.

CVE-2022-2965Aug 23, 2022
Notrinos
Notrinos/notrinoserp
risk 0.00cvss —epss 0.00
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2927Aug 22, 2022
Notrinos
Notrinos/notrinoserp
risk 0.00cvss —epss 0.00
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2921Aug 21, 2022
Notrinos
Notrinos/notrinoserp
risk 0.00cvss —epss 0.00
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.
CVE-2022-2871Aug 17, 2022
Notrinos
Notrinos/notrinoserp
risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.