2 matches found
PT-2026-54831
Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description Insufficient authorization enforcement occurs in the '/customer/servlet/mco/webapi/admin-view-hierarchy/get-acl-tree-structure' endpoint. This allows an authenticated user with low privileges to retrieve...
PT-2024-27677 · Phpvod · Phpvod
Name of the Vulnerable Software and Affected Versions: PHPVOD version 4.0 Description: A reflected cross-site scripting XSS issue was found in PHPVOD. The issue is related to the id parameter at the "/view/admin/view.php" API endpoint. Recommendations: For PHPVOD version 4.0, avoid using the id...