Filtered by vendor Kantorge
Subscriptions
Filtered by product Yaffa
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-70844 | 1 Kantorge | 1 Yaffa | 2026-04-09 | N/A |
| yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary script in the context of users who view the affected page. | ||||
Page 1 of 1.