COOEY // HUBcompliance · community · intelligence

FAIL › dossier

fusiondirectory vendor

2
failure events
0
zero-days
0
RCEs
0
on KEV
2
critical
35
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2022-11-22 CVE-2022-36179 critical 35 Fusiondirectory 1.3 suffers from Improper Session Handling.
2022-11-22 CVE-2022-36179 critical 35 Fusiondirectory 1.3 suffers from Improper Session Handling.
2022-11-22 CVE-2022-36180 critical 35 Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.
2022-11-22 CVE-2022-36180 critical 35 Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.