Every CVE whose affected-product data names Iorder Project Iorder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-43440 — CVSS 6.1 (medium): Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in…
CVE-2021-43441 — CVSS 5.3 (medium): An HTML Injection Vulnerability in iOrder 1.0 allows the remote attacker to execute Malicious HTML codes via the signup form