Every CVE whose affected-product data names Onenav, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-38712 — CVSS 7.5 (high): OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via…
CVE-2023-7210 — CVSS 7.3 (high): A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This affects an unknown part of the file…
CVE-2021-38138 — CVSS 5.4 (medium): OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection…