Unclebob Fitnesse

6 CVEs affecting Unclebob Fitnesse. Latest disclosed: 2024-11-15. Critical: 1, High: 0.

Top CVEs affecting Unclebob Fitnesse
CVESeverityScorePublishedSummary
CVE-2024-28125Critical9.82024-03-18FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a v…
CVE-2024-39610Medium6.12024-11-15Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on th…
CVE-2024-28128Medium6.12024-03-18Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary scr…
CVE-2024-23604Medium6.12024-03-18Cross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web…
CVE-2024-28039Medium5.82024-03-18Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain…
CVE-2024-42499Medium5.32024-11-15Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is ex…