Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tt-rss tiny tiny rss vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-1000035
Tiny Tiny RSS prior to 829d478f is vulnerable to XSS window.opener attack
Tt-rss Tiny Tiny Rss -
7.5
CVSSv3
CVE-2021-28373
The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) prior to 2021-03-12 allows an malicious user to log in via the OTP code without a valid password. NOTE: this issue only affected the git master branch for a short time. However, all end users are explicitly directed to use th...
Tt-rss Tiny Tiny Rss
9.8
CVSSv3
CVE-2020-25787
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. It does not validate all URLs before requesting them.
Tt-rss Tiny Tiny Rss
8.1
CVSSv3
CVE-2020-25788
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
Tt-rss Tiny Tiny Rss
6.1
CVSSv3
CVE-2020-25789
An issue exists in Tiny Tiny RSS (aka tt-rss) prior to 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
Tt-rss Tiny Tiny Rss
9.8
CVSSv3
CVE-2017-16896
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
Tt-rss Tiny Tiny Rss 17.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started