Uxper
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Uxper product.
RSS Feeds for Uxper security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Uxper products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Uxper Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 4 vulnerabilities in Uxper with an average score of 7.4 out of ten. Last year, in 2025 Uxper had 11 security vulnerabilities published. Right now, Uxper is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.40
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 7.43 |
| 2025 | 11 | 7.83 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.80 |
It may take a day or so for new Uxper vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Uxper Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-27051 | Mar 25, 2026 |
Golo <=1.7.0 Priv Escalation via Incorrect Priv Assign in uxper Golo componentIncorrect Privilege Assignment vulnerability in uxper Golo golo allows Privilege Escalation.This issue affects Golo: from n/a through <= 1.7.0. |
Golo
|
| CVE-2026-23973 | Mar 25, 2026 |
Golo <=1.7.5 Reflected XSS via Improper Neutralization (CVE-2026-23973)Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo golo allows Reflected XSS.This issue affects Golo: from n/a through < 1.7.5. |
Golo
|
| CVE-2026-23974 | Jan 22, 2026 |
Missing Authorization in Golo Before 1.7.5 (uxper)Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Golo: from n/a through < 1.7.5. |
Golo
|
| CVE-2026-23975 | Jan 22, 2026 |
PHP LFI in Golo <1.7.5 (CVE-2026-23975)Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through < 1.7.5. |
Golo
|
| CVE-2025-52739 | Dec 31, 2025 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper SalaImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Sala allows Reflected XSS.This issue affects Sala: from n/a through 1.1.3. |
|
| CVE-2025-62037 | Nov 06, 2025 |
Missing Auth in uxper Togo < 1.0.4Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. |
Togo
|
| CVE-2025-62036 | Nov 06, 2025 |
XSS Vulnerability in Uxper Togo <1.0.4 via Improper Input NeutralizationImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. |
Togo
|
| CVE-2025-62034 | Nov 06, 2025 |
Incorrect Privilege Assignment in uxper Togo <1.0.4Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. |
Togo
|
| CVE-2025-62035 | Nov 06, 2025 |
UXper Togo <=1.0.3 Deserialization of Untrusted DataDeserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. |
Togo
|
| CVE-2025-62033 | Nov 06, 2025 |
Missing Authorization in uxper Togo before 1.0.4Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. |
Togo
|