Connector to CiviCRM with CiviMcRestFace

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-32551	Jaap Jansma Connector to CiviCRM with CiviMcRestFace	Hig	0.46	7.1	0.00		Apr 11, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Reflected XSS.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a…
CVE-2025-31618	Jaap Jansma Connector to CiviCRM with CiviMcRestFace	Med	0.34	5.3	0.00		Mar 31, 2025	Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through <=…

CVE-2025-32551HigApr 11, 2025
Jaap Jansma
Connector to CiviCRM with CiviMcRestFace
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Reflected XSS.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a…
CVE-2025-31618MedMar 31, 2025
Jaap Jansma
Connector to CiviCRM with CiviMcRestFace
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace connector-civicrm-mcrestface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through <=…