Organizr CVEs and Security Vulnerabilities

Filtered by vendor Organizr Subscriptions

Filtered by product Organizr Subscriptions

Search

Switch to Advanced Search (Beta)

Total 10 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-1909	1 Organizr	1 Organizr	2024-11-21	5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200.
CVE-2022-1699	1 Organizr	1 Organizr	2024-11-21	7.5 High
Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1698	1 Organizr	1 Organizr	2024-11-21	7.5 High
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1347	1 Organizr	1 Organizr	2024-11-21	8.4 High
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege escalation
CVE-2022-1346	1 Organizr	1 Organizr	2024-11-21	9.0 Critical
Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
CVE-2022-1345	1 Organizr	1 Organizr	2024-11-21	9.0 Critical
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
CVE-2022-1344	1 Organizr	1 Organizr	2024-11-21	9.0 Critical
Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
CVE-2024-41372	2 Causefx, Organizr	2 Organizr, Organizr	2024-09-04	9.8 Critical
Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php.
CVE-2024-41371	1 Organizr	1 Organizr	2024-09-04	6.1 Medium
Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php.
CVE-2024-41370	2 Causefx, Organizr	2 Organizr, Organizr	2024-09-04	9.8 Critical
Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php.

Page 1 of 1.