Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
5.8AI Score
0.001EPSS
Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token.
6.5CVSS
5.9AI Score
0.002EPSS
Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse.
6.5CVSS
6AI Score
0.002EPSS
Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses.
4.3CVSS
4.6AI Score
0.001EPSS