Moss
by Deep Project
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-55383 | Hig | 0.56 | 8.6 | 0.00 | Aug 21, 2025 | Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server. | ||
| CVE-2024-57098 | 0.00 | — | 0.00 | Feb 3, 2025 | Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter. |
- risk 0.56cvss 8.6epss 0.00
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.
- CVE-2024-57098Feb 3, 2025risk 0.00cvss —epss 0.00
Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter.