9 matches found
EUVD-2019-4365
Malware in sbrugna...
MAL-2025-6601 Malicious code in thoughtspot-rest-api-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in thoughtspot-rest-api-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
Authorization
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
CVE-2019-12782
CVE-2019-12782 affects ThoughtSpot 4.4.1–5.1.1 (before 5.1.2). An authorization bypass in pinboard updates allows a low-privilege user with write access to at least one pinboard to corrupt or delete other users’ pinboards by spoofing GUIDs in pinboard update requests. CVSS v3 base score 8.1 (High...
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...