Vulnerabilities > Assaabloy > Control ID Idsecure > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-33368 Exposure of Resource to Wrong Sphere vulnerability in Assaabloy Control ID Idsecure
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
network
low complexity
assaabloy CWE-668
6.5
6.5
2023-04-14 CVE-2023-2044 Cross-site Scripting vulnerability in Assaabloy Control ID Idsecure 4.7.29.1
A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic.
network
low complexity
assaabloy CWE-79
6.1
6.1