Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:55 a.m.11 views

CVE-2020-12849

Pydio Cells 2.0.4 allows any user to upload a profile image to the web application, including standard and shared user roles. These profile pictures can later be accessed directly with the generated URL by any unauthenticated or authenticated user...

5.4CVSS6.9AI score0.00826EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2020/06/30 12:0 a.m.22 views

Pydio Cells Cross-Site Scripting (CVE-2020-12849; CVE-2020-12853)

A cross site scripting vulnerability exists in Pydio Cells. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.3CVSS5.1AI score0.00826EPSS
Exploits2
CVE
CVE
added 2020/06/05 12:52 p.m.79 views

CVE-2020-12849

CVE-2020-12849 affects Pydio Cells 2.0.4. The vulnerability is a Stored Cross-Site Scripting (XSS) in profile pictures: any user can upload a profile image (including SVGs with embedded JavaScript) that can be accessed via a direct URL by any user (authenticated or not). Exploitation can trigger ...

5.4CVSS5.9AI score0.00826EPSS
Exploits1References3Affected Software1
Core Security
Core Security
added 2020/05/28 12:0 a.m.189 views

: Pydio Cells 2.04 Multiple Vulnerabilities

1. Advisory Information Title : Pydio Cells 2.04 Multiple Vulnerabilities Advisory ID : CORE-2020-0007 Advisory URL : https://www.coresecurity.com/core-labs/advisories/pydio-cells-204-multiple-vulnerabilities Date published : 2020-05-28 Date of last update : 2020-05-28 Vendors contacted : Pydio...

8.5CVSS8.4AI score0.0235EPSS
Exploits7
Rows per page
Query Builder