Uniguest - Tripleplay CVE - OpenCVE

Filtered by vendor Uniguest Subscriptions

Filtered by product Tripleplay Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-26599	1 Uniguest	1 Tripleplay	2024-08-02	6.1 Medium
XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link.
CVE-2023-25760	1 Uniguest	1 Tripleplay	2024-08-02	8.8 High
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload
CVE-2023-25759	1 Uniguest	1 Tripleplay	2024-08-02	5.4 Medium
OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload.

Page 1 of 1.