Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Friendica Security Vulnerabilities

cve
cve

CVE-2021-30141

Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a valid auth...

7.5CVSS

7.5AI Score

0.001EPSS

2021-04-05 11:15 PM
120
cve
cve

CVE-2024-27729

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.

6.1CVSS

6.1AI Score

0.0005EPSS

2024-08-15 07:15 PM
23
cve
cve

CVE-2024-39094

Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters.

5.4CVSS

5.8AI Score

0.001EPSS

2024-08-20 02:15 PM
23