Product:

Fava

(Fava_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2022-07-25 CVE-2022-2514 The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim. Fava 6.1
2022-07-25 CVE-2022-2523 Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2. Fava 6.1
2022-08-01 CVE-2022-2589 Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3. Fava 6.1