7 matches found
EUVD-2025-203381
The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism failure in its browser and session handling. By default, affected deployments omit HTTP security headers such as Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy,...
PT-2025-51235
Name of the Vulnerable Software and Affected Versions Convercent Whistleblowing Platform versions affected versions not specified Description The application exhibits a protection mechanism failure in browser and session handling. It lacks essential HTTP security headers, including...
CVE-2025-34413 Legality WHISTLEBLOWING Missing Critical HTTP Security Headers
Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical HTTP security headers are not emitted by default. Affected deployments omit Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy, and...
CVE-2024-37131
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy CORP vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated use...
CVE-2024-37131
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy CORP vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated use...
CVE-2024-37131
The CVE-2024-37131 affects Dell SCG/Policy Manager across versions, due to an overly permissive Cross-Origin Resource Policy (CORP). A remote, unauthenticated attacker could perform actions in an authenticated user’s context. Public details confirm the vulnerability and its impact; remediation is...
CVE-2024-37131
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy CORP vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated use...