Lucene search
K
Touchbase.ai ProjectTouchbase.ai*

4 matches found

CVE
CVE
added 2020/11/11 10:0 p.m.67 views

CVE-2020-26218

CVE-2020-26218 affects touchbase.ai prior to version 2.0 and is a Cross-Site Scripting vulnerability that lets attackers inject HTML payloads, potentially causing defacement and user redirection to malicious pages. The issue is mitigated by upgrading to version 2.0, which patches the vulnerabilit...

8CVSS6.2AI score0.01912EPSS
CVE
CVE
added 2020/11/11 10:5 p.m.54 views

CVE-2020-26219

Touchbase.ai prior to version 2.0 is affected by an Open Redirect vulnerability. The issue allows redirection to attacker-controlled content and can lead to information/credential theft and, in some cases, cross-site scripting. The advisory notes the vulnerability is fixed in version 2.0. Remedia...

6.1CVSS5.1AI score0.00608EPSS
CVE
CVE
added 2020/11/11 10:20 p.m.51 views

CVE-2020-26221

The CVE-2020-26221 entry concerns touchbase.ai before version 2.0, where a Cross-Site Scripting (XSS) vulnerability exists in the affected web application. The flaw allows an attacker to inject JavaScript that can hijack a user’s cookie/session tokens, redirect users to malicious pages, or cause ...

8CVSS6.1AI score0.00611EPSS
CVE
CVE
added 2020/11/11 10:15 p.m.48 views

CVE-2020-26220

The CVE-2020-26220 entry describes a data disclosure in toucbase.ai where images uploaded by users fail to have EXIF data stripped. The underlying issue allows an attacker with access to another user’s uploaded image to obtain embedded EXIF details such as geolocation, device name, and software/v...

3.5CVSS3.6AI score0.00744EPSS