Unclebob Fitnesse
6 CVEs affecting Unclebob Fitnesse. Latest disclosed: 2024-11-15. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-28125 | Critical | 9.8 | 2024-03-18 | FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a v… |
CVE-2024-39610 | Medium | 6.1 | 2024-11-15 | Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on th… |
CVE-2024-28128 | Medium | 6.1 | 2024-03-18 | Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary scr… |
CVE-2024-23604 | Medium | 6.1 | 2024-03-18 | Cross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web… |
CVE-2024-28039 | Medium | 5.8 | 2024-03-18 | Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain… |
CVE-2024-42499 | Medium | 5.3 | 2024-11-15 | Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is ex… |