Vulnerabilities > Marvalglobal > Marval MSM > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-28 CVE-2022-31884 Unspecified vulnerability in Marvalglobal Marval MSM 14.19.0.12476
Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys.
network
low complexity
marvalglobal
6.5
6.5
2022-06-28 CVE-2022-31886 Cross-Site Request Forgery (CSRF) vulnerability in Marvalglobal Marval MSM 14.19.0.12476
Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
marvalglobal CWE-352
6.5
6.5