Vulnerabilidades em oroinc
12 resultadosCVE-2021-43852HIGHJavaScript Prototype Pollution in oro/platformEPSS 1.1%CVE-2022-41951HIGHOroPlatform vulnerable to path traversal during temporary file manipulationsEPSS 0.9%CVE-2021-41236MEDIUMXSS vulnerability in oro/platformEPSS 0.7%CVE-2023-32062MEDIUMOroCalendarBundle has incorrect system calendar events visibilityEPSS 0.5%CVE-2023-32063MEDIUMOroCRMCallBundle has incorrect call view page visibilityEPSS 0.5%CVE-2023-32064MEDIUMOroCommerce Customer Portal Incorrect Customer and Customer Group Frontend Menus pages visibilityEPSS 0.5%CVE-2023-32065MEDIUMOroCommerce get-totals-for-checkout API endpoint returns unwanted dataEPSS 0.5%CVE-2023-45824MEDIUMOroPlatform's pinned entity creation form shows pages of other usersEPSS 0.4%CVE-2023-48296MEDIUMOroPlatform's storefront user can access history and most viewed data from matching back-office user with the same IDEPSS 0.4%CVE-2022-31037MEDIUMOroCommerce vulnerable to Cross-site Scripting via Shipping rule editing pageEPSS 0.4%CVE-2022-35950MEDIUMOroCommerce Cross-site Scripting vulnerability in add note dialog of Shopping List line itemEPSS 0.4%CVE-2021-39198MEDIUMThe disqualify lead action may be executed without CSRF token checkEPSS 0.3%