24 matches found
EUVD-2025-13255
Malicious code in bioql PyPI...
CVE-2024-48906
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name...
CVE-2024-48907
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API...
CVE-2024-48905
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint...
CVE-2024-48907
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API...
CVE-2024-48906
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name...
CVE-2024-48905
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint...
CVE-2024-48907
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API...
CVE-2024-48905
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint...
CVE-2024-48907
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API...
Sematell ReplyOne 安全漏洞
Sematell ReplyOne is an artificial intelligence-based reply management software from Sematell. A security vulnerability exists in Sematell ReplyOne version 7.4.3.0 that stems from the presence of cross-site scripting via ReplyDesk email attachment names...
Sematell ReplyOne 安全漏洞
Sematell ReplyOne is an artificial intelligence-based reply management software from Sematell. A security vulnerability exists in Sematell ReplyOne version 7.4.3.0, which stems from insufficient permissions on the /rest/sessions endpoint and could lead to unsafe direct object references...
CVE-2024-48907
The CVE-2024-48907 reference concerns Sematell ReplyOne version 7.4.3.0 that is susceptible to Server-Side Request Forgery (SSRF) through the application server API. The available sources describe the vulnerability as enabling the application server to initiate unauthorized external requests, wit...
CVE-2024-48906
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name...
Sematell ReplyOne 安全漏洞
Sematell ReplyOne is an artificial intelligence-based reply management software from Sematell. A security vulnerability exists in Sematell ReplyOne version 7.4.3.0 that stems from the presence of a server-side request forgery that could result in sending unauthorized requests...
CVE-2024-48905
CVE-2024-48905 affects Sematell ReplyOne 7.4.3.0 with insecure permissions on the /rest/sessions endpoint, enabling potential unauthorized access. Root cause: insufficient access controls. CVSS v3.1 base score 9.1 (CRITICAL) affecting confidentiality and integrity. Exploitation details are not pr...
PT-2025-18713 · Sematell · Sematell Replyone
Name of the Vulnerable Software and Affected Versions: Sematell ReplyOne version 7.4.3.0 Description: The issue allows for cross-site scripting XSS attacks through a ReplyDesk e-mail attachment name. This means an attacker could potentially inject malicious scripts into the system by manipulating...
PT-2025-18714 · Sematell · Sematell Replyone
Name of the Vulnerable Software and Affected Versions: Sematell ReplyOne version 7.4.3.0 Description: The issue allows Server-Side Request Forgery SSRF through the application server API. This means an attacker could potentially manipulate the server into making unauthorized requests...
CVE-2024-48905
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint...
CVE-2024-48906
CVE-2024-48906 affects Sematell ReplyOne 7.4.3.0. The vulnerability is an XSS flaw that can be triggered via the name of a ReplyDesk email attachment. The PT-2015-18713 entry provides the concrete vector: attachment-name-based XSS. Remediation in the connected details includes input validation/sa...