3 matches found
CVE-2020-24765
InterMind iMind Server up to version 3.13.65 is affected by an unauthenticated remote read of the self‑diagnostic archive via the endpoint /api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1. The issue allows remote attackers to access diagnostic archives, and reports describe ...
CVE-2020-25398
CVE-2020-25398 affects InterMind iMind Server up to version 3.13.65, via the csv export function. The root cause is CSV Injection in exported CSV data. CVSS-3.1 vector indicates Network attack, high impact to confidentiality, integrity, and availability (base 8.8). Practical exploitation details ...
CVE-2020-25399
CVE-2020-25399 affects InterMind iMind Server up to version 3.13.65. The issue is a Stored XSS in the chat file handling that allows any user to hijack another user’s session. Documents do not specify the exact vulnerable component or root cause details beyond the stored XSS in chat. Impact is de...