Lucene search
+L

58 matches found

Vulnrichment
Vulnrichment
added 2023/05/12 12:0 a.m.6 views

CVE-2023-2675 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223...

5.5CVSS9.6AI score0.00591EPSS
Exploits1References2
CVE
CVE
added 2023/05/12 12:0 a.m.35 views

CVE-2023-2675

CVE-2023-2675 targets linagora/twake versions prior to 2023.Q1.1223, where there is an improper restriction of excessive authentication attempts. Public assessments indicate high-impact potential (confidentiality, integrity, and availability). The vulnerability is tied to brute-force-like behavio...

9.8CVSS6.6AI score0.00591EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.5 views

PT-2023-20777 · Linagora · Linagora/Twake

Name of the Vulnerable Software and Affected Versions: linagora/twake versions prior to 2023.Q1.1223 Description: The issue is related to improper restriction of excessive authentication attempts. Recommendations: For versions prior to 2023.Q1.1223, update to version 2023.Q1.1223 or later to...

9.8CVSS5.4AI score0.00591EPSS
Exploits1References4
Prion
Prion
added 2023/03/27 10:15 p.m.16 views

Input validation

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

4.3CVSS9.6AI score0.0062EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.7 views

CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

7.8CVSS9.6AI score0.0062EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.19 views

CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

7.8CVSS9.8AI score0.0062EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.5 views

Twake 安全漏洞

Twake is a secure open-source collaboration platform open-sourced by LINAGORA that improves organizational productivity. A security vulnerability exists in linagora/twake version 2022.Q4.1120 that stems from the lack of protection against brute force attacks on the login page...

9.8CVSS7.6AI score0.0062EPSS
Exploits1References3
CVE
CVE
added 2023/03/27 12:0 a.m.71 views

CVE-2023-1665

CVE-2023-1665 affects linagora/twake (versions prior to 0.0.0). The root cause is improper restriction of excessive authentication attempts, enabling brute-force login on the login endpoint (example PoC shows repeated login attempts against /internal/services/console/v1/login). Impact is high: po...

9.8CVSS8.9AI score0.0062EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/03/27 12:0 a.m.13 views

CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

7.8CVSS7.9AI score0.0062EPSS
Exploits1References4
Huntr
Huntr
added 2023/01/11 8:52 p.m.27 views

No Protection Against Bruteforce Attacks on Login Page

Description Twake does not limit unsuccessfull login attempts allowing an attacker to brute force the password of an administrator or regular user. Proof of Concept Steps to reproduce Because Twake does not rate limit authentication attempts an attacker could either bruteforce both the login and...

7.5CVSS9.1AI score0.0062EPSS
Exploits1References1
NVD
NVD
added 2023/01/01 1:15 a.m.26 views

CVE-2023-0028

Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...

5.7CVSS5.4AI score0.40916EPSS
Exploits1References2
Prion
Prion
added 2023/01/01 1:15 a.m.19 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...

4.9CVSS5.3AI score0.40916EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/01 12:0 a.m.14 views

CVE-2023-0028 Cross-site Scripting (XSS) - Stored in linagora/twake

Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...

5.7CVSS6AI score0.40916EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.5 views

PT-2023-15957 · Linagora · Linagora/Twake

Name of the Vulnerable Software and Affected Versions: linagora/twake versions prior to 2023.Q1.1200+ Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation, allowing attackers to...

5.7CVSS5.1AI score0.40916EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/01/01 12:0 a.m.23 views

Twake 跨站脚本漏洞

Twake is a secure open source collaboration platform open sourced by LINAGORA that improves organizational productivity. Twake suffers from a cross-site scripting vulnerability that originates from the presence of XSS in the integration URL in linagora/twake, which allows javascript to be execute...

5.7CVSS5.2AI score0.40916EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/01/01 12:0 a.m.33 views

CVE-2023-0028 Cross-site Scripting (XSS) - Stored in linagora/twake

Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...

5.7CVSS5.6AI score0.40916EPSS
Exploits1References2
CVE
CVE
added 2023/01/01 12:0 a.m.62 views

CVE-2023-0028

The CVE-2023-0028 entry corresponds to a stored Cross-site Scripting (XSS) vulnerability in the linagora/twake repository, where injected scripts can execute when a user clicks an integration URL. Affected component: the integration URL handling in Twake prior to 2023.Q1.1200+. Root cause: unvali...

5.7CVSS5.3AI score0.40916EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/01/01 12:0 a.m.18 views

CVE-2023-0028 Cross-site Scripting (XSS) - Stored in linagora/twake

Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...

5.7CVSS5.4AI score0.40916EPSS
Exploits1References4
Rows per page
Query Builder