OpenpneCVEs & Vulnerabilities
2 CVEs affecting Openpne products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
opopensocialplugin 4optimelineplugin 1
CVE-2024-27278MEDIUM
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users.
6 Mar 2024
5.4
CVSS
CVE-2013-4335CRITICAL
opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities
7 Feb 2020
9.8
CVSS
← PrevPage 1 / 1Next →