3 matches found
Multiple vulnerabilities in Pleasanter
Overview Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-34439 Improper access control vulnerability CWE-284 - CVE-2023-45210 Open redirect vulnerability CWE-601 - CVE-2023-46688 Authentication bypass...
JVN#96209256: Multiple vulnerabilities in Pleasanter
Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-34439 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base...
CVE-2023-41890
Sustainsys.Saml2 (used to add SAML2P to ASP.NET sites) contains CVE-2023-41890 due to insufficient validation of the IdP issuer when processing a response. This can let a malicious IdP craft a SAML2 response that appears to come from another IdP, and an end user could cause stored AuthenticationP...