Every CVE whose affected-product data names Synel Eharmony, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-22791 — CVSS 6.6 (medium): SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies…
CVE-2022-36778 — CVSS 6.5 (medium): insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
CVE-2022-22790 — CVSS 5.6 (medium): SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access…