Shiftcontroller Security Vulnerabilities and Issues — Shiftcontroller CVE List

Lucene search

PlainwareShiftcontroller

2 matches found

CVE•added 2024/05/16 8:15 p.m.•53 views

CVE-2024-4733

The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the hc3_session-cookie in versions up to, and including, 4.9.57. This makes it possible for an authenticated attacker with contributor access-level or above to injec...

7.5CVSS7AI score0.01231EPSS

CVE•added 2023/06/26 8:15 a.m.•36 views

CVE-2023-29424

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin

7.1CVSS5.2AI score0.00058EPSS