dradisframework 漏洞与 CVE 列表(6)

产品(CPE): — CVE 数: 6

dradisframework 漏洞概览

汇总 dradisframework 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

历史漏洞主要涉及 跨站脚本 等问题,部分漏洞可能导致 会话劫持,并影响 软件部署与生产负载 相关场景。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 166 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2023-50458 In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs. [email protected] 3.5 0.19% 2025-07-10 2026-06-17
CVE-2023-50786 Dradis through 4.16.0 allows referencing external images (resources) over HTTPS, instead of forcing the use of embedded (uploaded) images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network. [email protected] 4.1 0.16% 2025-07-05 2026-06-17
CVE-2023-31223 Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars. [email protected] 8.7 0.51% 2023-04-25 2026-06-17
CVE-2022-30028 Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token. [email protected] 5.9 0.49% 2022-06-24 2026-06-17
CVE-2019-19946 The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team. [email protected] 6.5 1.19% 2020-03-16 2026-06-16
CVE-2019-5925 Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. [email protected] 5.4 0.83% 2019-03-12 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence