Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SismicsTeedy*

5 matches found

CVE
CVEadded 2022/01/10 4:15 p.m.51 views

CVE-2022-22114

In Teedy, versions v1.5 through v1.9 are vulnerable to Reflected Cross-Site Scripting (XSS). The “search term" search functionality is not sufficiently sanitized while displaying the results of the search, which can be leveraged to inject arbitrary scripts. These scripts are executed in a victim’s ...

9.6CVSS8.7AI score0.02046EPSS
CVE
CVEadded 2022/01/10 4:15 p.m.51 views

CVE-2022-22115

In Teedy, versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the name of a created Tag. Since the Tag name is not being sanitized properly in the edit tag page, a low privileged attacker can store malicious scripts in the name of the Tag. In the worst case, the victim...

9CVSS8AI score0.00373EPSS
CVE
CVEadded 2025/01/13 4:15 p.m.51 views

CVE-2025-22963

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.

7.5CVSS7.1AI score0.00034EPSS
CVE
CVEadded 2025/01/29 10:15 p.m.41 views

CVE-2024-54852

When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP injection. Due to improper sanitization of user input, an unauthenticated attacker is then able to perform various malicious actions, such as creating arbitrary accoun...

9.8CVSS7.1AI score0.00568EPSS
CVE
CVEadded 2025/01/29 10:15 p.m.39 views

CVE-2024-54851

Teedy

8.8CVSS8.8AI score0.00033EPSS