Filtered by vendor Citeum
Subscriptions
Filtered by product Opencti
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-30290 | 1 Citeum | 1 Opencti | 2024-11-21 | 7.5 High |
| In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately. | ||||
| CVE-2022-30289 | 1 Citeum | 1 Opencti | 2024-11-21 | 5.4 Medium |
| A stored Cross-site Scripting (XSS) vulnerability was identified in the Data Import functionality of OpenCTI through 5.2.4. An attacker can abuse the vulnerability to upload a malicious file that will then be executed by a victim when they open the file location. | ||||
Page 1 of 1.