Activecollab » Activecollab : Security Vulnerabilities, CVEs, Published In 2009
Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1772.
Max CVSS
4.3
EPSS Score
0.19%
Published
2009-06-12
Updated
2017-08-17
activeCollab 2.1 Corporate allows remote attackers to obtain sensitive information via an invalid re_route parameter to the login script, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.23%
Published
2009-05-22
Updated
2021-07-12
Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to inject arbitrary web script or HTML via the re_route parameter to the login script.
Max CVSS
4.3
EPSS Score
0.14%
Published
2009-05-22
Updated
2021-07-12
3 vulnerabilities found