Cerebrate-project Security Vulnerabilities


CVE-2022-25317

An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description.

CVSS: 6.1

AI Score: 5.9

EPSS: 0.001

2022-02-18 06:15 AM

CVE-2022-25318

An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.

CVSS: 4.3

AI Score: 4.5

EPSS: 0.001

2022-02-18 06:15 AM

CVE-2022-25319

An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.

CVSS: 5.3

AI Score: 5.2

EPSS: 0.001

2022-02-18 06:15 AM

CVE-2022-25320

An issue was discovered in Cerebrate through 1.4. Username enumeration could occur.

CVSS: 5.3

AI Score: 5.2

EPSS: 0.001

2022-02-18 06:15 AM

CVE-2022-25321

An issue was discovered in Cerebrate through 1.4. XSS could occur in the bookmarks component.

CVSS: 6.1

AI Score: 5.9

EPSS: 0.001

2022-02-18 06:15 AM

CVE-2023-26468

Cerebrate 1.12 does not properly consider organisation_id during creation of API keys.

CVSS: 9.1

AI Score: 9.1

EPSS: 0.001

2023-02-24 12:15 AM

CVE-2023-28883

In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint.

CVSS: 9.8

AI Score: 9.7

EPSS: 0.001

2023-03-27 03:15 AM

CVE-2023-41363

In Cerebrate 1.14, a vulnerability in UserSettingsController allows authenticated users to change user settings of other users.

CVSS: 4.3

AI Score: 4.4

EPSS: 0.0004

2023-08-29 05:15 AM

CVE-2023-41908

Cerebrate before 1.15 lacks the Secure attribute for the session cookie.

CVSS: 5.3

AI Score: 5.3

EPSS: 0.0005

2023-09-05 07:15 AM