VYPR
Vendor

Scoold

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2024-50334MedOct 29, 2024
    risk 0.35cvss 5.3epss 0.01

    Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data.…

  • CVE-2021-46372MedFeb 18, 2022
    risk 0.35cvss 5.4epss 0.01

    Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to a XSS attack when using uppercase letters.