Vulnerabilities (CVE)

Filtered by vendor Pleasanter Subscribe
Filtered by product Pleasanter
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-46688 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 6.1 MEDIUM
Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL.
CVE-2023-45210 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 4.3 MEDIUM
Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access.
CVE-2023-34439 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 5.4 MEDIUM
Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser.
CVE-2023-32608 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 6.5 MEDIUM
Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server.
CVE-2023-32607 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 5.4 MEDIUM
Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.
CVE-2023-30758 1 Pleasanter 1 Pleasanter 2024-11-21 N/A 5.4 MEDIUM
Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.