Vulnerabilities > Huntflow > Huntflow Enterprise > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-10 | CVE-2021-37935 | Information Exposure vulnerability in Huntflow Enterprise An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4 could allow an unauthenticated, remote user to get information about the domain name of the configured LDAP server. | 7.5 |
| 2021-10-14 | CVE-2021-37933 | Injection vulnerability in Huntflow Enterprise An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. | 7.5 |