doist CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

doist 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to doist, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-63317 Todoist v8896 is vulnerable to Cross Site Scripting (XSS) in /api/v1/uploads. Uploaded SVG files have no sanitization applied, so embedded JavaScript executes when a user opens the attachment from a task/comment. [email protected] 5.4 0.18% 2025-12-01 2025-12-04
CVE-2025-57292 Todoist v8484 contains a stored cross-site scripting (XSS) vulnerability in the avatar upload functionality. The application fails to properly validate the MIME type and sanitize image metadata. [email protected] 6.1 0.22% 2025-09-26 2025-10-07
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence