Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Quorum
(Nchsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-07-25 | CVE-2021-37463 | In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored). | Quorum | 5.4 | ||
| 2021-07-25 | CVE-2021-37464 | In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored). | Quorum | 5.4 | ||
| 2021-07-25 | CVE-2021-37465 | In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected). | Quorum | 5.4 | ||
| 2021-07-25 | CVE-2021-37466 | In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected). | Quorum | 5.4 | ||
| 2021-07-25 | CVE-2021-37467 | In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected). | Quorum | 5.4 | ||
| 2021-07-25 | CVE-2021-37445 | In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading. | Quorum | 6.5 | ||
| 2021-07-25 | CVE-2021-37446 | In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading. | Quorum | 4.3 | ||
| 2021-07-25 | CVE-2021-37447 | In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion. | Quorum | 8.1 |