Filtered by vendor Tendcode
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50811 | 1 Tendcode | 1 Izone | 2024-11-21 | 9.1 Critical |
| hopetree izone lts c011b48 contains a server-side request forgery (SSRF) vulnerability in the active push function as \\apps\\tool\\apis\\bd_push.py does not securely filter user input through push_urls() and get_urls(). | ||||
| CVE-2024-50810 | 1 Tendcode | 1 Izone | 2024-11-21 | 5.4 Medium |
| hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates. | ||||
Page 1 of 1.