Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-13	CVE-2023-47801	Incorrect Permission Assignment for Critical Resource vulnerability in Clickstudios Passwordstate 9.5/9.6/9.7 An issue was discovered in Click Studios Passwordstate before 9811. network low complexity clickstudios CWE-732	4.7
2022-12-19	CVE-2022-4610	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. local low complexity clickstudios CWE-327	5.5
2022-12-19	CVE-2022-4611	Unspecified vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. network low complexity clickstudios	5.3
2022-12-19	CVE-2022-4612	Unspecified vulnerability in Clickstudios Passwordstate A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. network low complexity clickstudios	6.5
2022-12-19	CVE-2022-4613	Unspecified vulnerability in Clickstudios Passwordstate A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. network low complexity clickstudios	6.5
2022-12-19	CVE-2022-3876	Authorization Bypass Through User-Controlled Key vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. network low complexity clickstudios CWE-639	6.5
2022-12-19	CVE-2022-3877	Cross-site Scripting vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. network low complexity clickstudios CWE-79	5.4
2022-03-21	CVE-2022-25570	Incorrect Default Permissions vulnerability in Clickstudios Passwordstate 9.4 In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. network low complexity clickstudios CWE-276	6.5
2020-10-29	CVE-2020-27747	Improper Restriction of Excessive Authentication Attempts vulnerability in Clickstudios Passwordstate 8.9 An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. low complexity clickstudios CWE-307	6.8
2018-08-01	CVE-2018-14776	Cross-site Scripting vulnerability in Clickstudios Passwordstate 8.3 Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document. network low complexity clickstudios CWE-79	5.4