← Back

Remark42

remark42

Vendor: Remark42 • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-45966
1Remark42
1Remark42
Nov 21, 2024
Oct 23, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability.
CVE-2021-29271
1Remark42
1Remark42
Nov 21, 2024
Mar 27, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.