Filtered by vendor Remark42 Subscriptions
Filtered by product Remark42 Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45966 1 Remark42 1 Remark42 2024-09-12 7.5 High
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability.
CVE-2021-29271 1 Remark42 1 Remark42 2024-08-03 6.1 Medium
remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.