Vulnerabilities > Fit2Cloud > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-46138 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. | 5.3 |
| 2023-10-25 | CVE-2023-46123 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. | 5.3 |
| 2023-09-15 | CVE-2023-42442 | Improper Authentication vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and a professional operation and maintenance security audit system. | 5.3 |
| 2023-08-24 | CVE-2023-39519 | Information Exposure vulnerability in Fit2Cloud Cloudexplorer Lite Cloud Explorer Lite is an open source cloud management platform. | 4.9 |
| 2023-08-10 | CVE-2023-39965 | Incorrect Authorization vulnerability in Fit2Cloud 1Panel 1.4.3 1Panel is an open source Linux server operation and maintenance management panel. | 4.3 |
| 2023-05-26 | CVE-2023-32311 | Missing Authorization vulnerability in Fit2Cloud Cloudexplorer CloudExplorer Lite is an open source cloud management platform. | 4.3 |
| 2023-05-26 | CVE-2023-32316 | Missing Authorization vulnerability in Fit2Cloud Cloudexplorer CloudExplorer Lite is an open source cloud management tool. | 4.3 |
| 2023-05-24 | CVE-2022-42225 | Cross-site Scripting vulnerability in Fit2Cloud Lina Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission. | 5.4 |
| 2023-05-23 | CVE-2023-2844 | Authorization Bypass Through User-Controlled Key vulnerability in Fit2Cloud Cloudexplorer Lite Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. | 4.9 |
| 2023-01-10 | CVE-2023-22479 | Session Fixation vulnerability in Fit2Cloud Kubepi KubePi is a modern Kubernetes panel. | 6.5 |