VYPR
Vendor

Opensef Project

Products
4
CVEs
4
Across products
4
Status
Private

Products

4

Recent CVEs

4
  • CVE-2024-54160MedFeb 12, 2025
    risk 0.35cvss 6.4epss 0.01

    dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer.

  • CVE-2024-43794MedAug 23, 2024
    risk 0.33cvss 6.1epss 0.00

    OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters.…

  • CVE-2023-23933MedFeb 3, 2023
    risk 0.28cvss 4.3epss 0.01

    OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of document and field level restrictions in the Anomaly Detection plugin, where users with the Anomaly Detector role can read aggregated numerical…

  • CVE-2006-4320Aug 24, 2006
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.