Appspace 6.2.4 - Server-Side Request Forgery

Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. id: CVE-2021-27670 info: name: Appspace 6.2.4 - Server-Side Request Forgery author: ritikchaddha severity: critical description: Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. impact...

CVE-2021-27564

A stored XSS issue exists in Appspace 6.2.4. After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever another member visits that group, this payload executes...

CVE-2021-27670

Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter...

CVE-2021-27704

Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...

VulnCheck KEV: CVE-2021-27670

Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter...

EUVD-2021-14315

Malware in sbrugna...

EUVD-2021-14708

Malware in sbrugna...

EUVD-2021-14707

Malware in sbrugna...

EUVD-2020-26574

Malware in sbrugna...

CVE-2021-27990

Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities...

CVE-2021-27989

Appspace 6.2.4 is vulnerable to stored cross-site scripting XSS in multiple parameters within /medianet/sgcontentset.aspx...

CVE-2021-27704

Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...

CVE-2021-27704

Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...

PT-2024-10910 · Appspace · Appspace

Name of the Vulnerable Software and Affected Versions: Appspace version 6.2.4 Description: The issue is related to Incorrect Access Control via the Appspace Web Portal password reset page. This allows potential exploitation. The estimated number of potentially affected devices worldwide is not...

CVE-2021-27704

Appspace 6.2.4 is affected by an Incorrect Access Control in the Web Portal password reset page. Root cause stated as an access control error affecting confidentiality (high impact) with CVSS 3.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). Exploitation details are not provided in the documents. Remedi...

Appspace 安全漏洞

Appspace is a software application from Appspace, Inc. provides built-in content policies to easily implement and enforce team communication programs. A security vulnerability exists in Appspace version 6.2.4 that stems from an access control error...

CVE-2021-27704

Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...

CVE-2021-27704

Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page...

docs.appspace.com Cross Site Scripting vulnerability OBB-3347318

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Appspace Authorization Issues Vulnerabilities

Appspace is an application from the US-based Appspace Inc. Provides built-in content strategies to easily implement and execute team communication programs. Appspace version 6.2.4 suffers from an authorization issue vulnerability that stems from being susceptible to authentication mechanism...