Filtered by vendor Uniguest
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25759 | 1 Uniguest | 1 Tripleplay | 2023-12-10 | N/A | 5.4 MEDIUM |
| OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload. | |||||
| CVE-2023-25760 | 1 Uniguest | 1 Tripleplay | 2023-12-10 | N/A | 8.8 HIGH |
| Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload | |||||
| CVE-2023-26599 | 1 Uniguest | 1 Tripleplay | 2023-12-10 | N/A | 6.1 MEDIUM |
| XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link. | |||||