Imind Server Security Vulnerabilities and Issues — Imind Server CVE List

Lucene search

MindImind Server

3 matches found

CVE•added 2020/10/20 8:15 p.m.•58 views

CVE-2020-24765

InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request.

7.5CVSS7.4AI score0.53277EPSS

CVE•added 2020/11/05 4:15 p.m.•40 views

CVE-2020-25398

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.

8.8CVSS8.8AI score0.09532EPSS

CVE•added 2020/11/05 4:15 p.m.•33 views

CVE-2020-25399

Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.

7.8CVSS7.1AI score0.00318EPSS