Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:42 p.m.6 views

CVE-2023-25760

Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload...

8.8CVSS6.7AI score0.00571EPSS
Exploits0References1
OSV
OSV
added 2023/04/19 12:15 p.m.7 views

CVE-2023-26599

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link...

6.1CVSS6.4AI score0.00357EPSS
Exploits0References2
NVD
NVD
added 2023/04/19 12:15 p.m.34 views

CVE-2023-26599

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link...

6.1CVSS5.9AI score0.00357EPSS
Exploits0References2
OSV
OSV
added 2023/04/19 12:15 p.m.5 views

CVE-2023-25760

Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload...

8.8CVSS5.8AI score0.00571EPSS
Exploits0References2
NVD
NVD
added 2023/04/19 12:15 p.m.37 views

CVE-2023-25759

OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload...

5.4CVSS5.7AI score0.00871EPSS
Exploits0References2
Prion
Prion
added 2023/04/19 12:15 p.m.23 views

Cross site request forgery (csrf)

Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload...

6.5CVSS8.3AI score0.00571EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/04/19 12:0 a.m.64 views

CVE-2023-26599

CVE-2023-26599 describes an XSS vulnerability in Tripleplay Platform’s TripleSign component, affecting releases prior to Caveman 3.4.0. The issue allows an attacker to inject client-side code and execute it in the context of an authenticated user via a crafted link. The available sources consiste...

6.1CVSS5.8AI score0.00357EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.30 views

CVE-2023-25760

Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload...

8.6AI score0.00571EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.37 views

CVE-2023-25759

OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload...

6AI score0.00871EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.18 views

CVE-2023-26599

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link...

6AI score0.00357EPSS
Exploits0References2
Rows per page
Query Builder