Browse all 4 CVE security advisories affecting Orangescrum. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47716 | Orangescrum 1.8.0 Cross-Site Scripting via Authenticated Endpoints — orangescrumCWE-79 | 5.4 | Medium | 2025-12-23 |
| CVE-2021-47721 | Orangescrum 1.8.0 Authenticated Privilege Escalation via User Session Manipulation — orangescrumCWE-639 | 8.8 | High | 2025-12-23 |
| CVE-2021-47720 | Orangescrum 1.8.0 Authenticated SQL Injection via Multiple Parameters — orangescrumCWE-89 | 7.1 | High | 2025-12-23 |
| CVE-2023-1783 | OrangeScrum 2.0.11 - AWS Credentials Leak via PDF Rendering — OrangescrumCWE-79 | 6.5 | Medium | 2023-06-23 |
This page lists every published CVE security advisory associated with Orangescrum. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.