microweber/microweber vulnerabilities

licenses detected
- MIT
  >=1.1
- Apache-2.0
  >=0.9.346, <1.1

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the microweber/microweber package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	<2.0.16
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Business Logic Errors	<2.0.0
H Information Exposure	>=2.0.1, <2.0.4
L Missing Standardized Error Handling Mechanism	<2.0.0
L Improper Enforcement of Behavioral Workflow	<2.0.0
H Unrestricted Upload of File with Dangerous Type	<2.0.5
M Cross-site Scripting (XSS)	<2.0.3
L Improper Access Control	<2.0.0
M Cross-site Scripting (XSS)	<2.0.0
M Use of Hard-coded Credentials	<2.0.0
M Cross-site Scripting (XSS)	<2.0.0
L Cross-site Scripting (XSS)	<2.0.0
H Improper Privilege Management	<1.3.4
M Information Exposure	<1.3.4
M Cross-site Scripting (XSS)	<1.3.3
H Cross-site Scripting (XSS)	<1.3.3
L Deserialization of Untrusted Data	<1.3.3
M Arbitrary Command Injection	<1.3.3
M Cross-site Scripting (XSS)	<v1.3.3
M Cross-site Scripting (XSS)	<1.2.9
M Cross-site Scripting (XSS)	<1.3.2
L Arbitrary File Upload	<1.3.2
M Cross-site Scripting (XSS)	<1.3.2
L Cross-site Scripting (XSS)	<1.3.2
H Cross-site Scripting (XSS)	<1.3.2
M Weak Password Recovery Mechanism for Forgotten Password	>=0.0.0
M Arbitrary Code Injection	<1.3.2
M Arbitrary Code Injection	<1.3.2
M Cross-site Scripting (XSS)	<1.3.1
M Cross-site Scripting (XSS)	<1.2.21
M Cross-site Scripting (XSS)	<1.2.21
H Insufficient Session Expiration	>=0.0.0
M Insufficient Session Expiration	>=0.0.0
M Information Exposure	>=0.0.0
M Brute Force	<1.3.0
M Cross-site Scripting (XSS)	<1.2.20
M Cross-site Scripting (XSS)	<1.2.19
M Cross-site Scripting (XSS)	<1.2.19
M Open Redirect	<1.2.19
M Cross-site Scripting (XSS)	<1.2.18
M Cross-site Scripting (XSS)	<1.2.18
M Cross-site Scripting (XSS)	<1.2.16
M Cross-site Scripting (XSS)	<1.2.16
M Cross-site Scripting (XSS)	<1.2.15
M Cross-site Scripting (XSS)	<1.2.15
M Denial of Service (DoS)	<1.2.12
M Cross-site Scripting (XSS)	<1.2.11
M Integer Overflow or Wraparound	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
M Integer Overflow or Wraparound	<1.2.12
L Cross-site Scripting (XSS)	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
H Arbitrary Code Execution	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
M Cross-site Scripting	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
C Integer Overflow or Wraparound	<1.2.12
M HTML Code Injection	<1.2.12
M Improper Input Validation	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
M Cross-site Scripting (XSS)	<1.2.12
H Insecure Storage of Sensitive Information	<1.2.12
H Cross-site Scripting (XSS)	<1.2.12
M Business Logic Errors	<1.2.11
M Cross-site Scripting (XSS)	<1.2.11
M Cross-site Scripting (XSS)	<1.2.11
M Information Exposure	<1.2.11
H Information Exposure	<1.2.11
L Cross-site Request Forgery (CSRF)	<1.2.11
M Open Redirect	<1.2.11
M Open Redirect	<1.2.11
H Command Injection	<1.2.11
H Cross-site Scripting (XSS)	<1.2.11
M Cross-site Scripting (XSS)	<1.2.11
M Information Exposure	<1.2.11
M Cross-site Request Forgery (CSRF)	<1.2.11
M Cross-site Scripting (XSS)	<1.2.11
M Cross-site Scripting (XSS)	<1.2.11
H Cross-site Scripting (XSS)	<1.2.11
M Access Restriction Bypass	<1.2.11
M HTML Injection	<1.2.11
H Information Exposure	<1.2.11
M Cross-site Scripting (XSS)	<1.2.8
H Arbitrary File Write via Archive Extraction (Zip Slip)	<1.2.0.x-dev
H Information Disclosure	<1.1.20
C Arbitrary File Upload	<1.2.3
M Cross-site Scripting (XSS)	<1.1
M Cross-site Scripting (XSS)	<1.1
H Cross-site Request Forgery (CSRF)	<1.1

microweber/microweber vulnerabilities

licenses detected

Direct Vulnerabilities