PT-2024-40295 · Thelia · Thelia

Name of the Vulnerable Software and Affected Versions: thelia/thelia versions 2.1.0-beta1 through 2.1.2 Description: An authentication bypass issue was identified, affecting both customer and admin authentication. Recommendations: For thelia/thelia versions 2.1.0-beta1 through 2.1.2, update to...

CVE-2023-50343

HCL DRYiCE MyXalytics is impacted by an Improper Access Control Controller APIs vulnerability. Certain API endpoints are accessible to Customer Admin Users that can allow access to sensitive information about other users...

Improper access control

HCL DRYiCE MyXalytics is impacted by an Improper Access Control Controller APIs vulnerability. Certain API endpoints are accessible to Customer Admin Users that can allow access to sensitive information about other users...

CVE-2023-50343 Improper Access Control (Controller APIs) affects DRYiCE MyXalytics

HCL DRYiCE MyXalytics is impacted by an Improper Access Control Controller APIs vulnerability. Certain API endpoints are accessible to Customer Admin Users that can allow access to sensitive information about other users...

PT-2024-13913 · Hcl · Hcl Dryice Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics affected versions not specified Description: The issue is related to an Improper Access Control vulnerability in Controller APIs. Certain API endpoints, such as "/api/v1/login" or "/users/id", are accessible to Customer...