Lucene search

Quorum Security Vulnerabilities

cve

CVE-2021-37445

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.

6.5CVSS

6.4AI Score

0.001EPSS

2021-07-25 10:15 PM

cve

CVE-2021-37446

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.

4.3CVSS

4.6AI Score

0.001EPSS

2021-07-25 10:15 PM

cve

CVE-2021-37447

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.

8.1CVSS

8AI Score

0.001EPSS

2021-07-25 10:15 PM

cve

CVE-2021-37463

In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-25 09:15 PM

cve

CVE-2021-37464

In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-25 09:15 PM

cve

CVE-2021-37465

In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-25 09:15 PM

cve

CVE-2021-37466

In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-25 09:15 PM

cve

CVE-2021-37467

In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).

5.4CVSS

5.2AI Score

0.001EPSS

2021-07-25 09:15 PM