5 matches found
HealthForYou 1.11.1 / HealthCoach 2.9.2 Missing Password Policy
Trovent Security Advisory 2104-03 Missing server-side password policy Overview Advisory ID: TRSA-2104-03 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-03 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested...
HealthForYou 1.11.1 / HealthCoach 2.9.2 User Enumeration Vulnerability
User enumeration through API Overview Advisory ID: TRSA-2104-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-01 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested versions: HealthForYou 1.11.1...
HealthForYou 1.11.1 / HealthCoach 2.9.2 Account Takeover Vulnerability
HealthForYou version 1.11.1 and HealthCoach version 2.9.2 have a vulnerability that allows for account takeover with only prior knowledge of the user's email address needed. Account takeover with only email address possible Overview Advisory ID: TRSA-2104-02 Advisory version: 1.0 Advisory status:...
HealthForYou 1.11.1 / HealthCoach 2.9.2 Account Takeover
Trovent Security Advisory 2104-02 Account takeover with only email address possible Overview Advisory ID: TRSA-2104-02 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-02 Affected product: HealthForYou & Sanitas HealthCoach mobile and web...
HealthForYou 1.11.1 / HealthCoach 2.9.2 User Enumeration
Trovent Security Advisory 2104-01 User enumeration through API Overview Advisory ID: TRSA-2104-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-01 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested...