NotCVE - vendor:"Organizr" product:"Organizr" version:"

7 results (0.006 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1909 – Cross-site Scripting (XSS) - Stored in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1909

27 May 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200. Una vulneraqbilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub causefx/organizr versiones anteriores a 2.1.2200 • https://github.com/causefx/organizr/commit/d5245cab1f4b9180856330266911d6ceda14858b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1698 – Allowing long password leads to denial of service in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1698

12 May 2022 — Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Permitir una contraseña larga conlleva a una denegación de servicio en el repositorio GitHub causefx/organizr versiones anteriores a 2.1.2000. Esta vulnerabilidad puede ser abusada al hacer un ataque DDoS para que usuarios genuinos no puedan acceder a recursos/aplicaciones • https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1699 – Uncontrolled Resource Consumption in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1699

12 May 2022 — Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Un Consumo no Controlado de Recursos en el repositorio GitHub causefx/organizr versiones anteriores a 2.1.2000. Esta vulnerabilidad puede ser abusada al hacer un ataque DDoS por el cual usuarios genuinos no podrán acceder a recursos/aplicaciones • https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1347 – Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1347

13 Apr 2022 — Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation Una vulnerabilidad de tipo XSS almacenado en los campos de entrada "Username" y "Email" conlleva a una toma de posesión de la cuenta de los usuarios administradores y coadministradores en el repositorio de GitHub causefx/organizr versiones anteriores a 2.1.1810. Una adquisición de cuentas y escalada de privi... • https://github.com/causefx/organizr/commit/a09d834d995599756b62016af7026d2408ecf43a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1345 – Stored XSS viva .svg file upload in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1345

13 Apr 2022 — Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. Una vulnerabilidad de tipo XSS almacenado por medio de una carga de archivos .svg en el repositorio de GitHub causefx/organizr versiones anteriores a 2.1.1810. Esto permite a atacantes ejecutar scripts maliciosos en el navegador del usuario y puede conllevar a un secuestro d... • https://github.com/causefx/organizr/commit/a09d834d995599756b62016af7026d2408ecf43a • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1346 – Multiple Stored XSS in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1346

13 Apr 2022 — Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. Múltiples vulnerabilidades de tipo XSS almacenados en el repositorio de GitHub causefx/organizr versiones anteriores a 2.1.1810. Esto permite a atacantes ejecutar scripts maliciosos en el navegador del usuario y puede conllevar a un secuestro de sesión, exposición de datos confidenciales... • https://github.com/causefx/organizr/commit/a09d834d995599756b62016af7026d2408ecf43a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-1344 – Stored XSS due to no sanitization in the filename in causefx/organizr

https://notcve.org/view.php?id=CVE-2022-1344

13 Apr 2022 — Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. Una vulnerabilidad dd tipo XSS almacenado debido a una falta de saneo en el nombre de archivo en el repositorio de GitHub causefx/organizr versiones anteriores a 2.1.1810. Esto permite a atacantes ejecutar scripts maliciosos en el navegador del usuario y pue... • https://github.com/causefx/organizr/commit/a09d834d995599756b62016af7026d2408ecf43a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •