Filtered by vendor Rageframe Subscriptions
Filtered by product Rageframe Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-30883 1 Rageframe 1 Rageframe 2024-11-21 4.7 Medium
Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the aspectRatio parameter in the image cropping function.
CVE-2024-30880 1 Rageframe 1 Rageframe 2024-11-21 5.4 Medium
Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function.
CVE-2022-36530 1 Rageframe 1 Rageframe 2024-11-21 6.1 Medium
An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page.