Browse all 7 CVE security advisories affecting causefx. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Causefx develops supply chain risk management software focused on third-party vendor assessment and monitoring. Historically, their products have been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS), and privilege escalation vulnerabilities, with seven CVEs recorded to date. These issues often stem from improper input validation and access control weaknesses in their web interfaces. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their core functionality suggests potential risks for organizations relying on their platform for critical vendor risk assessments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-1909 | Cross-site Scripting (XSS) - Stored in causefx/organizr — causefx/organizrCWE-79 | 5.4 | - | 2022-05-27 |
| CVE-2022-1698 | Allowing long password leads to denial of service in causefx/organizr — causefx/organizrCWE-191 | 7.5 | - | 2022-05-12 |
| CVE-2022-1699 | Uncontrolled Resource Consumption in causefx/organizr — causefx/organizrCWE-190 | 7.5 | - | 2022-05-12 |
| CVE-2022-1347 | Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in causefx/organizr — causefx/organizrCWE-79 | 6.9 | - | 2022-04-13 |
| CVE-2022-1345 | Stored XSS viva .svg file upload in causefx/organizr — causefx/organizrCWE-434 | 8.9 | - | 2022-04-13 |
| CVE-2022-1346 | Multiple Stored XSS in causefx/organizr — causefx/organizrCWE-79 | 8.9 | - | 2022-04-13 |
| CVE-2022-1344 | Stored XSS due to no sanitization in the filename in causefx/organizr — causefx/organizrCWE-79 | 5.4 | - | 2022-04-13 |
This page lists every published CVE security advisory associated with causefx. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.