Filtered by vendor Citadel
Subscriptions
Filtered by product Citadel
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-44272 | 1 Citadel | 1 Citadel | 2024-09-19 | 5.4 Medium |
| A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user. | ||||
| CVE-2011-1756 | 1 Citadel | 1 Citadel | 2024-08-06 | N/A |
| modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | ||||
Page 1 of 1.