VYPR
Vendor

Jazzband

Products
4
CVEs
3
Across products
3
Status
Private

Products

4

Recent CVEs

3
  • CVE-2020-5224MedJan 24, 2020
    risk 0.35cvss 6.5epss 0.00

    In Django User Sessions (django-user-sessions) before 1.7.1, the views provided allow users to terminate specific sessions. The session key is used to identify sessions, and thus included in the rendered HTML. In itself this is not a problem. However if the website has an XSS…

  • CVE-2024-21910MedJan 3, 2024
    risk 0.33cvss 6.1epss 0.01

    TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.

  • CVE-2024-22513MedMar 16, 2024
    risk 0.32cvss 5.5epss 0.01

    djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the for_user method.