Filtered by vendor Annexcloud
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-31929 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals. | |||||
CVE-2021-31928 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2. | |||||
CVE-2021-31927 | 1 Annexcloud | 1 Loyalty Experience Platform | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2. |