Vulnerabilities > Clickstudios

DATE CVE VULNERABILITY TITLE RISK
2020-10-29 CVE-2020-27747 Improper Restriction of Excessive Authentication Attempts vulnerability in Clickstudios Passwordstate 8.9
An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code.
low complexity
clickstudios CWE-307
6.8
2020-10-05 CVE-2020-26061 Missing Authentication for Critical Function vulnerability in Clickstudios Passwordstate 8.3
ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability.
network
low complexity
clickstudios CWE-306
7.5
2018-08-01 CVE-2018-14776 Cross-site Scripting vulnerability in Clickstudios Passwordstate 8.3
Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document.
network
low complexity
clickstudios CWE-79
5.4