Product
webswing
3 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-39332
CVE-2022-34914
CVE-2020-11103
all versions
Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote
< 20.1.16
Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configu
>= 2.7 and < 20.1
JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution.