Vulnerabilities > Appspace

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-14	CVE-2021-27990	Improper Authentication vulnerability in Appspace 6.2.4 Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities. network low complexity appspace CWE-287	7.5
2021-04-14	CVE-2021-27989	Cross-site Scripting vulnerability in Appspace 6.2.4 Appspace 6.2.4 is vulnerable to stored cross-site scripting (XSS) in multiple parameters within /medianet/sgcontentset.aspx. network low complexity appspace CWE-79	5.4
2021-02-25	CVE-2021-27670	Server-Side Request Forgery (SSRF) vulnerability in Appspace 6.2.4 Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter. network low complexity appspace CWE-918 critical	9.8
2021-02-22	CVE-2021-27564	Cross-site Scripting vulnerability in Appspace 6.2.4 A stored XSS issue exists in Appspace 6.2.4. network low complexity appspace CWE-79	5.4
2020-01-07	CVE-2020-5393	Cross-site Scripting vulnerability in Appspace On-Prem In Appspace On-Prem through 7.1.3, an adversary can steal a session token via XSS. network low complexity appspace CWE-79	6.1

Vulnerabilities > Appspace {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Appspace"}]}