Browse all 3 CVE security advisories affecting skylot. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Skylot develops web-based project management and collaboration tools used by teams for task tracking and workflow organization. Historically, Skylot has been vulnerable to multiple remote code execution flaws, cross-site scripting (XSS) attacks, and privilege escalation vulnerabilities, often stemming from improper input validation and access control issues. The three publicly disclosed CVEs affecting Skylot include critical RCE vulnerabilities in API endpoints and stored XSS weaknesses in user-generated content. While no major security incidents have been widely reported, the consistent pattern of vulnerabilities in core functionality suggests a need for enhanced security testing, particularly in input handling and permission management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-32653 | Insufficient input filtering of "package name" allows command execution in the device with shell privileges — jadxCWE-20 | 6.1 | Medium | 2024-04-22 |
| CVE-2022-39259 | Jadx-gui subject to Denial of Service via Swing HTML rendering — jadxCWE-20 | 3.3 | Low | 2022-10-21 |
This page lists every published CVE security advisory associated with skylot. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.