Filtered by vendor Pleasanter
Subscribe
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34439 | 1 Pleasanter | 1 Pleasanter | 2023-12-12 | N/A | 5.4 MEDIUM |
| Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser. | |||||
| CVE-2023-45210 | 1 Pleasanter | 1 Pleasanter | 2023-12-11 | N/A | 4.3 MEDIUM |
| Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access. | |||||
| CVE-2023-46688 | 1 Pleasanter | 1 Pleasanter | 2023-12-11 | N/A | 6.1 MEDIUM |
| Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. | |||||
| CVE-2023-32607 | 1 Pleasanter | 1 Pleasanter | 2023-12-10 | N/A | 5.4 MEDIUM |
| Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. | |||||
| CVE-2023-32608 | 1 Pleasanter | 1 Pleasanter | 2023-12-10 | N/A | 6.5 MEDIUM |
| Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server. | |||||
| CVE-2023-30758 | 1 Pleasanter | 1 Pleasanter | 2023-12-10 | N/A | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. | |||||