Version v1.16.2 and earlier versions

OTHER 2 CVEs

Known Vulnerabilities

CVE-2023-22427

Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script.

UNKNOWN CVSS 4.8 Published Feb 24, 2023

CVE-2023-22425

Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.

UNKNOWN CVSS 5.4 Published Feb 24, 2023