S-notify Security Vulnerabilities and Issues — S-notify CVE List

Lucene search

SavignanoS-notify

4 matches found

CVE•added 2024/07/01 10:15 p.m.•52 views

CVE-2024-23737

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email.

5.4CVSS7.1AI score0.00036EPSS

CVE•added 2024/04/10 4:15 p.m.•48 views

CVE-2024-23735

Cross Site Scripting (XSS) vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate.

6.1CVSS5.9AI score0.00474EPSS

CVE•added 2024/01/09 7:15 a.m.•39 views

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a mali...

8.3CVSS6.9AI score0.00047EPSS

CVE•added 2024/04/10 4:15 p.m.•37 views

CVE-2024-23734

Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link.

5.2CVSS7AI score0.00124EPSS