Usvn » Usvn : Security Vulnerabilities, CVEs,

CVE-2020-25070

USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature.
Max CVSS
8.8
EPSS Score
0.07%
Published
2020-09-01
Updated
2020-09-04

CVE-2020-25069

USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view.
Max CVSS
9.8
EPSS Score
0.43%
Published
2020-09-01
Updated
2020-09-04

CVE-2020-17363

USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.
Max CVSS
9.9
EPSS Score
0.30%
Published
2020-12-31
Updated
2021-01-05

CVE-2018-0695

Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.12%
Published
2018-11-15
Updated
2018-12-17
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close