Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.7 views

CVE-2025-59892

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.8 views

CVE-2025-59899

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.4CVSS0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/28 12:0 p.m.3 views

CVE-2025-59900 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.1CVSS5.9AI score0.00173EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/28 11:58 a.m.7 views

EUVD-2025-206496

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.1CVSS5.9AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2026/01/28 11:53 a.m.15 views

CVE-2025-59894

CVE-2025-59894 is a CSRF flaw affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. The issue arises from missing CSRF token validation, enabling an authenticated attacker to induce other logged-in users to perform unintended actions, such as issuing a POST to delet...

8.5CVSS6AI score0.00124EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/01/28 11:52 a.m.3 views

CVE-2025-59892

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00127EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2024/05/24 1:15 p.m.4 views

CVE-2023-49575

A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /setupsmtp in smtpserver, smtpuser, smtppassword an...

6.1CVSS5.8AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder