2 matches found
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available to deal with these vulnerabilities for its SaaS platform. Software as a service SaaS is a software distribution model in which a cloud provider hosts...
CVE-2022-25151
CVE-2022-25151 affects ITarian Platform – Service Desk (SaaS and on‑premise). Root cause: cookies not marked HttpOnly, enabling sensitive data exposure. Exploitation requires combination with a user XSS to access the management interface. In the published advisories, SaaS patches were released up...