Tiny Tiny Rss
by Tt Rss
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16896 | Cri | 0.64 | 9.8 | 0.00 | Nov 20, 2017 | A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter. | |
| CVE-2017-1000035 | Med | 0.40 | 6.1 | 0.00 | Jul 17, 2017 | Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack |
- risk 0.64cvss 9.8epss 0.00
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
- risk 0.40cvss 6.1epss 0.00
Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener attack