CVE (Common Vulnerabilities and Exposures) assigned to me for identifying vulnerabilities in various open-source applications and projects.
-
π CVE-2021-3866
β οΈ Medium π Cross-site Scripting (XSS) - Stored in zulip/zulip π Dec 18th 2021$~~$ - https://blog.zulip.com/2022/01/19/cve-2021-3866/
-
π CVE-2021-32568
β οΈ High π Deserialization of Untrusted Data in zmister2016/mrdoc π Aug 29th 2021$~~$
-
π CVE-2021-3830
β οΈ Low π Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver π Sep 6th 2021$~~$ - https://github.com/btcpayserver/btcpayserver/releases/tag/v1.2.3
-
π CVE-2022-0602
β οΈ Medium π Cross-site Scripting (XSS) - DOM in tastyigniter/tastyigniter π Jan 26th 2022$~~$
-
π CVE-2021-3853
β οΈ Medium π Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq π Jan 12th 2022$~~$
-
π CVE-2021-3841
β οΈ Low π Cross-site Scripting (XSS) - Stored in Sylius/Sylius π Nov 6th 2021$~~$
-
π CVE-2020-28457
β οΈ Medium π Cross-site Scripting (XSS) - Stored in s-cart/s-cart π Nov 15th 2020$~~$
-
π CVE-2020-28456
β οΈ Medium π Cross-site Scripting (XSS) - Stored in s-cart/s-cart π Nov 20th 2020$~~$
All of my other security findings and fixes, including XXE, Zip Slip, and more, are listed here. : https://hunter.com/users/b1nslashsh