CVE-2024-40407

A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors...

PT-2024-28830 · Cybele · Thinfinity Workspace

Name of the Vulnerable Software and Affected Versions: Cybele Software Thinfinity Workspace versions prior to 7.0.2.113 Description: The issue is related to an access control problem in the API endpoint where Web Sockets connections are established. Recommendations: For versions prior to 7.0.2.11...

CVE-2024-40410

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...

PT-2024-28832 · Cybele · Thinfinity Workspace

Name of the Vulnerable Software and Affected Versions: Cybele Software Thinfinity Workspace versions prior to 7.0.2.113 Description: A full path disclosure issue allows attackers to obtain the root path of the application via unspecified vectors. This could potentially be exploited to gain...

CVE-2024-40407

A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors...