← Back

Remark42

remark42

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Remark42
remark42
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-45966
1Remark42
1Remark42
Nov 21, 2024
Oct 23, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability.
CVE-2021-29271
1Remark42
1Remark42
Nov 21, 2024
Mar 27, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
remark42 before 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.