Vulnerabilities > Jamf > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-01 | CVE-2021-40809 | Server-Side Request Forgery (SSRF) vulnerability in Jamf An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. | 6.5 |
| 2021-07-12 | CVE-2021-35037 | Open Redirect vulnerability in Jamf Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. | 5.8 |
| 2021-04-02 | CVE-2021-30125 | Cross-site Scripting vulnerability in Jamf Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376. | 4.3 |
| 2020-01-07 | CVE-2018-10465 | Unspecified vulnerability in Jamf Jamf Pro 10.x before 10.3.0 has Incorrect Access Control. | 6.5 |
| 2012-09-28 | CVE-2012-4051 | Cross-Site Request Forgery (CSRF) vulnerability in Jamf Casper Suite Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite before 8.61 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts or (2) change passwords via a Save action. | 6.8 |