CVE-2022-45179

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user authenticated to the product can store arbitrary HTML code in the...

PT-2024-11693 · Unknown · Livebox Collaboration Vdesk

Name of the Vulnerable Software and Affected Versions: LIVEBOX Collaboration vDesk versions through v031 Description: A basic XSS issue exists under the "/api/v1/vdeskintegration/todo/createorupdate" endpoint via the title parameter and "/dashboard/reminders". A remote user, authenticated to the...

CVE-2022-26246

TMS v2.28.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /TMS/admin/setting/mail/createorupdate...

TMS 跨站脚本漏洞

TMS is a channel-based team communication and collaboration + lightweight task dashboard by weicheng individual developers. A security vulnerability exists in TMS v2.28.0, which can be exploited by attackers via the component /TMS/admin/setting/mail/createorupdate...

CVE-2021-39695

In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

CVE-2021-0923

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

ASB-A-195338390

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...