Vulnerabilities > Gestsup

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-13	CVE-2023-52059	Cross-site Scripting vulnerability in Gestsup A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field. network low complexity gestsup CWE-79	5.4
2024-02-13	CVE-2023-52060	Cross-Site Request Forgery (CSRF) vulnerability in Gestsup A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user profile information via a crafted request. network low complexity gestsup CWE-352	4.3
2021-04-26	CVE-2021-31646	Improper Restriction of Excessive Authentication Attempts vulnerability in Gestsup Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). network low complexity gestsup CWE-307 critical	9.8

Vulnerabilities > Gestsup {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Gestsup"}]}