indico@3.2.5 vulnerabilities
Indico is a full-featured conference lifecycle management and meeting/lecture scheduling tool
-
latest version
3.3.2
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
a month ago
-
licenses detected
- [2.2,)
Direct Vulnerabilities
Known vulnerabilities in the indico package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
indico is a conference lifecycle management and meeting/lecture scheduling tool. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via confirmation prompts. Exploitation requires someone with at least submission privileges (such as a speaker) and then someone else to attempt to delete this content. How to fix Cross-site Scripting (XSS)? Upgrade |
[,3.2.6)
|