Vulnerabilities in erudika
9 results

| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2022-1543 | CRITICAL | Improper handling of Length parameter in erudika/scoold | 1.1% |
| CVE-2024-50334 | HIGH | Semicolon Path Injection on API /api;/config | 1.0% |
| CVE-2022-1848 | CRITICAL | Business Logic Errors in erudika/para | 1.0% |
| CVE-2022-1782 | CRITICAL | Cross-site Scripting (XSS) - Generic in erudika/para | 0.9% |
| CVE-2026-34832 | MEDIUM | Scoold: Cross-Account Feedback Deletion (IDOR) | 0.3% |
| CVE-2026-42176 | MEDIUM | Scoold: Persistent Admin Takeover by Overwriting the admins Configuration Setting via Forged JWT (missing `jti` validation) | 0.2% |
| CVE-2026-39354 | MEDIUM | Scoold has an Authenticated Arbitrary Question Overwrite via Client-Controlled postId in POST /questions/ask | 0.2% |
| CVE-2025-49009 | MEDIUM | Para Inserts Sensitive Information into Log File for Facebook authentication | 0.1% |
| CVE-2025-48955 | MEDIUM | Para Server Logs Sensitive Information | 0.1% |