Description Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter. Remediation References CVE-2019-8935 Related Vulnerabilities OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-23839) Oracle JRE CVE-2013-0435 Vulnerability (CVE-2013-0435) WordPress Plugin Events Shortcodes For The Events Calendar Security Bypass (1.9.4) Oracle JRE CVE-2018-2790 Vulnerability (CVE-2018-2790) Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800) Severity Medium Classification CVE-2019-8935 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities