5 matches found
CVE-2023-45210
Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access...
CVE-2023-45210
Pleasanter 1.3.47.0 and earlier are affected by CVE-2023-45210 (improper access control) allowing a remote authenticated attacker to view other users’ temporary files. A fixed version is Pleasanter 1.3.48.0; organizations should upgrade to mitigate exposure. No exploit details are provided in the...
CVE-2023-45210
Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access...
Multiple vulnerabilities in Pleasanter
Overview Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-34439 Improper access control vulnerability CWE-284 - CVE-2023-45210 Open redirect vulnerability CWE-601 - CVE-2023-46688 Authentication bypass...
JVN#96209256: Multiple vulnerabilities in Pleasanter
Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-34439 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base...