RSS   Podatności dla 'Pleasanter'   RSS

2023-12-06
 
CVE-2023-34439

CWE-79
 

 
Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser.

 
 
CVE-2023-45210

CWE-Other
 

 
Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access.

 
 
CVE-2023-46688

CWE-601
 

 
Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL.

 


Copyright 2024, cxsecurity.com

 

Back to Top