58 matches found
PT-2026-24087
Name of the Vulnerable Software and Affected Versions linagora Twake version 2023.Q1.1223 Description An issue exists due to improper neutralization of input during web page generation, which allows attackers to execute arbitrary code. This is a Cross-Site Scripting XSS issue. Recommendations At...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
CVE-2025-70037
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code...
PT-2026-24088
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70038
CVE-2025-70038 affects linagora Twake v2023.Q1.1223. The issue is CWE-79 (Improper Neutralization of Input During Web Page Generation) enabling arbitrary code execution. Reported across multiple feeds (Red Hat, NVD, CIRCL, ENISA EUVD) with CVSSv3.1 base score 8.8 ( HIGH; AV:N/AC:L/PR:N/UI:R/S:U/C...
CVE-2025-70037
CVE-2025-70037 affects linagora Twake v2023.Q1.1223 and is tied to CWE-601 (URL Redirection to Untrusted Site). The Red Hat, NVD, CIRCL, EUVD, and other connected records confirm the vulnerability and describe the impact as allowing attackers to obtain sensitive information and to execute arbitra...
CVE-2025-70037
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70037
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
EUVD-2023-12133
Malicious code in bioql PyPI...
EUVD-2023-23893
Malicious code in bioql PyPI...
CVE-2023-0028
Cross-site Scripting XSS - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+...
CVE-2023-2675
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223...
CVE-2023-1665
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...
CVE-2023-2675
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223...
Twake Security Vulnerability
Twake is a secure open source collaboration platform open-sourced by LINAGORA that improves organizational productivity. A security vulnerability exists in versions prior to Twake 2023.Q1.1223 that stems from an improper restriction of too many authentication attempts...