Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31928 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2. | |||||
| CVE-2021-31927 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2. | |||||
| CVE-2021-31929 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals. | |||||