Vulnerabilities > Clickstudios

DATE CVE VULNERABILITY TITLE RISK
2020-10-29 CVE-2020-27747 Insufficiently Protected Credentials vulnerability in Clickstudios Passwordstate 8.9
An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code.
local
low complexity
clickstudios CWE-522
2.1
2020-10-05 CVE-2020-26061 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Clickstudios Passwordstate 8.3
ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability.
network
low complexity
clickstudios CWE-640
5.0
2018-08-01 CVE-2018-14776 Cross-site Scripting vulnerability in Clickstudios Passwordstate 8.3
Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document.
3.5