Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2023-32226

Disclosure Date: July 30, 2023 (last updated October 08, 2023)
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users may exfiltrate files from the server via an unspecified method.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-32225

Disclosure Date: July 30, 2023 (last updated October 08, 2023)
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type -  A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-13168

Disclosure Date: October 02, 2020 (last updated February 22, 2025)
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0