FreeTAKServer@1.2 vulnerabilities
An open source server for the TAK family of applications.
-
latest version
2.1.3
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
a month ago
-
licenses detected
- [0.0.1.5,0.1.7.3); [0.8.13,1.5.10)
Direct Vulnerabilities
Known vulnerabilities in the FreeTAKServer package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
FreeTAKServer is an An open source server for the TAK family of applications. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.0.21)
|
FreeTAKServer is an An open source server for the TAK family of applications. Affected versions of this package are vulnerable to Use of Hard-coded Credentials. This package contains a hardcoded Flask secret key that allows attackers to create crafted cookies to bypass authentication or escalate privileges. How to fix Use of Hard-coded Credentials? Upgrade |
[,1.9.8.5)
|
FreeTAKServer is an An open source server for the TAK family of applications. Affected versions of this package are vulnerable to Improper Access Control in the component How to fix Improper Access Control? Upgrade |
[0,1.9.8.6)
|