OpenCVE

Filtered by vendor Uniguest Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-26599	1 Uniguest	1 Tripleplay	2024-11-21	6.1 Medium
XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link.
CVE-2023-25760	1 Uniguest	1 Tripleplay	2024-11-21	8.8 High
Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload
CVE-2023-25759	1 Uniguest	1 Tripleplay	2024-11-21	5.4 Medium
OS Command Injection in TripleData Reporting Engine in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated users to run unprivileged OS level commands via a crafted request payload.

Page 1 of 1.