Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2023-37987

Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through 1.1.3.
0
0
Attacker Value
Unknown

CVE-2023-37986

Disclosure Date: September 01, 2023 (last updated October 08, 2023)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin <= 1.1.3 versions.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0