Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-26599 | 1 Uniguest | 1 Tripleplay | 2024-11-21 | N/A | 6.1 MEDIUM |
XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link. | |||||
CVE-2023-25760 | 1 Uniguest | 1 Tripleplay | 2024-11-21 | N/A | 8.8 HIGH |
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload | |||||
CVE-2023-25759 | 1 Uniguest | 1 Tripleplay | 2024-11-21 | N/A | 5.4 MEDIUM |
OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload. |