Lucene search
K

26 matches found

Cvelist
Cvelist
added 2025/05/01 12:0 a.m.12 views

CVE-2024-48906

Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name...

0.00228EPSS
Exploits1References1
CVE
CVE
added 2025/05/01 12:0 a.m.58 views

CVE-2024-48906

CVE-2024-48906 affects Sematell ReplyOne 7.4.3.0. The vulnerability is an XSS flaw that can be triggered via the name of a ReplyDesk email attachment. The PT-2015-18713 entry provides the concrete vector: attachment-name-based XSS. Remediation in the connected details includes input validation/sa...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/01 12:0 a.m.5 views

CVE-2024-48906

Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name...

5.9AI score0.00228EPSS
Exploits1References1
CVE
CVE
added 2025/05/01 12:0 a.m.67 views

CVE-2024-48905

CVE-2024-48905 affects Sematell ReplyOne 7.4.3.0 with insecure permissions on the /rest/sessions endpoint, enabling potential unauthorized access. Root cause: insufficient access controls. CVSS v3.1 base score 9.1 (CRITICAL) affecting confidentiality and integrity. Exploitation details are not pr...

9.1CVSS7AI score0.00359EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/05/01 12:0 a.m.57 views

CVE-2024-48907

The CVE-2024-48907 reference concerns Sematell ReplyOne version 7.4.3.0 that is susceptible to Server-Side Request Forgery (SSRF) through the application server API. The available sources describe the vulnerability as enabling the application server to initiate unauthorized external requests, wit...

7.5CVSS7AI score0.00359EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.6 views

PT-2025-18713 · Sematell · Sematell Replyone

Name of the Vulnerable Software and Affected Versions: Sematell ReplyOne version 7.4.3.0 Description: The issue allows for cross-site scripting XSS attacks through a ReplyDesk e-mail attachment name. This means an attacker could potentially inject malicious scripts into the system by manipulating...

6.1CVSS5.4AI score0.00228EPSS
Exploits1References5
Rows per page
Query Builder