3 matches found
CVE-2026-46425
Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...
EUVD-2026-21883
The ZTE ZXEDM iEMS product has a password reset vulnerability for any user.Because the management of the cloud EMS portal does not properly control access to the user list acquisition function, attackers can read all user list information through the user list interface. Attackers can reset the...
CVE-2024-10469 CERT/CC VINCE versions before 3.0.9 allows authenticated user to access User Management view.
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users...