Every CVE whose affected-product data names Daloradius, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-23475 — CVSS 8.8 (high): daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site…
CVE-2023-0046 — CVSS 7.2 (high): Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to master-branch.
CVE-2023-0337 — CVSS 6.1 (medium): Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.
CVE-2023-0338 — CVSS 6.1 (medium): Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.
CVE-2022-4630 — CVSS 5.3 (medium): Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.