Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-45889 | 1 Ponton | 1 X\/p Messenger | 2022-03-19 | 3.5 LOW | 5.4 MEDIUM |
An issue was discovered in PONTON X/P Messenger before 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by private/index.jsp?partners/ShowNonLocalPartners.do?localID= or private/index.jsp or private/index.jsp?database/databaseTab.jsp or private/index.jsp?activation/activationMainTab.jsp or private/index.jsp?communication/serverTab.jsp or private/index.jsp?emailNotification/notificationTab.jsp. | |||||
CVE-2021-45888 | 1 Ponton | 1 X\/p Messenger | 2022-03-19 | 3.5 LOW | 4.8 MEDIUM |
An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role Configuration Administrator or Administrator. | |||||
CVE-2021-45887 | 1 Ponton | 1 X\/p Messenger | 2022-03-19 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an imgs/*.jsp URI. | |||||
CVE-2021-45886 | 1 Ponton | 1 X\/p Messenger | 2022-03-19 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user (such as operator) can be used to confirm actions of higher-privileged ones (such as xpadmin). |