All 8 CVE vulnerabilities found in Orangescrum, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47716 | Orangescrum 1.8.0 Cross-Site Scripting via Authenticated Endpoints CWE-79 | 5.4 | Medium | 2025-12-23 |
| CVE-2021-47721 | Orangescrum 1.8.0 Authenticated Privilege Escalation via User Session Manipulation CWE-639 | 8.8 | High | 2025-12-23 |
| CVE-2021-47720 | Orangescrum 1.8.0 Authenticated SQL Injection via Multiple Parameters CWE-89 | 7.1 | High | 2025-12-23 |
| CVE-2023-1783 | OrangeScrum 2.0.11 - AWS Credentials Leak via PDF Rendering CWE-79 | 6.5 | Medium | 2023-06-23 |
| CVE-2023-0738 | OrangeScrum 跨站脚本漏洞 | 6.1 | - | 2023-04-04 |
| CVE-2023-0624 | OrangeScrum 跨站脚本漏洞 | 6.1 | - | 2023-02-09 |
| CVE-2023-0454 | OrangeScrum 路径遍历漏洞 | 8.1 | - | 2023-02-01 |
| CVE-2023-0164 | OrangeScrum 操作系统命令注入漏洞 | 8.8 | - | 2023-01-18 |
All 8 known CVE vulnerabilities affecting Orangescrum with full Chinese analysis, references, and POCs where available.