Vulnerabilities > Metersphere

DATE CVE VULNERABILITY TITLE RISK
2023-12-28 CVE-2023-50267 Authorization Bypass Through User-Controlled Key vulnerability in Metersphere
MeterSphere is a one-stop open source continuous testing platform.
network
low complexity
metersphere CWE-639
4.3
2023-09-27 CVE-2023-41878 Use of Hard-coded Credentials vulnerability in Metersphere
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing.
network
low complexity
metersphere CWE-798
critical
9.8
2023-08-04 CVE-2023-38494 Missing Authorization vulnerability in Metersphere
MeterSphere is an open-source continuous testing platform.
network
low complexity
metersphere CWE-862
7.5
2023-07-17 CVE-2023-37461 Path Traversal vulnerability in Metersphere
Metersphere is an opensource testing framework.
network
low complexity
metersphere CWE-22
critical
9.8
2023-07-06 CVE-2023-35937 Missing Authorization vulnerability in Metersphere
Metersphere is an open source continuous testing platform.
network
low complexity
metersphere CWE-862
8.8
2023-05-30 CVE-2023-32699 Allocation of Resources Without Limits or Throttling vulnerability in Metersphere
MeterSphere is an open source continuous testing platform.
network
low complexity
metersphere CWE-770
6.5
2023-05-08 CVE-2023-29944 Unspecified vulnerability in Metersphere 1.20.20Lts79D354A6
Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution.
network
low complexity
metersphere
critical
9.8
2023-05-04 CVE-2023-30550 Authorization Bypass Through User-Controlled Key vulnerability in Metersphere
MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing, and performance testing.
network
low complexity
metersphere CWE-639
4.5
2023-03-09 CVE-2023-25814 Path Traversal vulnerability in Metersphere
metersphere is an open source continuous testing platform.
network
low complexity
metersphere CWE-22
6.5
2023-03-09 CVE-2023-25573 Missing Authorization vulnerability in Metersphere
metersphere is an open source continuous testing platform.
network
low complexity
metersphere CWE-862
7.5