RSS   Vulnerabilities for 'Cerebrate'   RSS

2022-02-18
 
CVE-2022-25317

CWE-79
 

 
An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description.

 
 
CVE-2022-25318

CWE-668
 

 
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.

 
 
CVE-2022-25319

NVD-CWE-noinfo
 

 
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.

 
 
CVE-2022-25320

NVD-CWE-noinfo
 

 
An issue was discovered in Cerebrate through 1.4. Username enumeration could occur.

 
 
CVE-2022-25321

CWE-79
 

 
An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component.

 


Copyright 2024, cxsecurity.com

 

Back to Top