Every CVE whose affected-product data names Labkey Labkey Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-9926 — CVSS 8.8 (high): An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a…
CVE-2019-9757 — CVSS 7.5 (high): An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the endpoint visualization-exportImage.view or…
CVE-2019-3911 — CVSS 6.1 (medium): Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated…
CVE-2019-3912 — CVSS 6.1 (medium): An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an…
CVE-2019-9758 — CVSS 5.4 (medium): An issue was discovered in LabKey Server 19.1.0. The display name of a user is vulnerable to stored XSS that can execute on administrators…
CVE-2019-3913 — CVSS 4.9 (medium): Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any…