2 matches found
CVE-2026-57947 Pinpoint - Server-Side Request Forgery via Alarm Webhook Registration
Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to issue POST requests to...
PT-2022-18490 · Kingspan · Kingspan Tms300 Cs
Name of the Vulnerable Software and Affected Versions: Kingspan TMS300 CS versions affected versions not specified Description: The issue is due to the lack of adequately implemented access-control rules, allowing an attacker to view and modify application settings without authenticating by...