Indico Security Vulnerabilities - February

CVE-2021-30185

CERN Indico before 2.3.4 can use an attacker-supplied Host header in a password reset link.

CVSS: 7.5

AI Score: 7.5

EPSS: 0.001

2021-04-07 02:15 PM

CVE-2023-37901

Indico is an open source, general-purpose, web-based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges (such as a speaker) and then someone ...

CVSS: 5.4

AI Score: 5.3

EPSS: 0.001

2023-07-21 07:15 PM

CVE-2024-45399

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.5.5, there is a Cross-Site-Scripting vulnerability during account creation when redirecting to the n...

CVSS: 6.1

AI Score: 7.1

EPSS: 0.0004

2024-09-04 08:15 PM