6 matches found
CVE-2021-31928
Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2...
CVE-2021-31927
An Insecure Direct Object Reference IDOR vulnerability in Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2...
CVE-2021-31927
CVE-2021-31927 describes an Insecure Direct Object Reference (IDOR) in Annex Cloud Loyalty Experience Platform versions earlier than 2021.1.0.1, allowing any authenticated user to modify existing users across environments/clients. The issue is fixed in 2021.1.0.2. Affected component: Annex Cloud ...
CVE-2021-31929
Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals...
CVE-2021-31929
Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals...
CVE-2021-31928
Annex Cloud Loyalty Experience Platform 2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2...