RSS   Vulnerabilities for 'Tessa'   RSS

2022-02-06
 
CVE-2022-22831

CWE-287
 

 
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.

 
 
CVE-2022-22832

CWE-269
 

 
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.

 
 
CVE-2022-22833

NVD-CWE-noinfo
 

 
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.

 


Copyright 2024, cxsecurity.com

 

Back to Top