Yaffle

2 exploits Active since Feb 2020
CVE-2020-7993 WRITEUP MEDIUM WRITEUP
Prototype 1.6.0.1 - Authenticated Ticket Forgery via Email ID Field
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.
CVSS 4.3
CVE-2025-61532 WRITEUP MEDIUM WORKING POC
SVX Portal 2.7A - Cross-Site Scripting via TG Parameter on last_heard_page.php
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on last_heard_page.php component
CVSS 6.1