RSS   Vulnerabilities for 'Passwork'   RSS

2022-03-23
 
CVE-2022-25266

CWE-22
 
 
Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).

 
 
CVE-2022-25267

CWE-22
 
 
Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).

 
 
CVE-2022-25268

CWE-352
 
 
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems.

 
 
CVE-2022-25269

CWE-79
 
 
Passwork On-Premise Edition before 4.6.13 has multiple XSS issues.

 

Copyright 2024, cxsecurity.com

 

Back to Top