Lucene search
Ymfe Security Vulnerabilities
cve
Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit...
5.4CVSS
5.4AI Score
0.001EPSS
2023-01-26 09:15 PM
21
cve
Weak JSON Web Token (JWT) signing secret generation in YMFE YApi through 1.9.2 allows recreation of other users' JWT tokens. This occurs because Math.random in Node.js is...
5.1CVSS
5.2AI Score
0.001EPSS
2021-03-01 11:15 PM
25
2
cve
An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a...
5.4CVSS
5.1AI Score
0.001EPSS
2018-09-28 09:29 AM
25