OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset...
9.8CVSS
9.4AI Score
0.003EPSS
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy...
9.8CVSS
9.7AI Score
0.006EPSS
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative...
8.1CVSS
8AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS