← Back

Openmaint

openmaint

Vendor: Openmaint • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-27695
1Openmaint
1Openmaint
Jun 17, 2026
Mar 15, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the...Show more
Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters.Show less
CVE-2020-24549
1Openmaint
1Openmaint
Jun 17, 2026
Jan 26, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server.