tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted username is mishandled when an administrator later views the system log.
6.1CVSS
5.8AI Score
0.001EPSS
tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password.
8.8CVSS
8.7AI Score
0.001EPSS