Vulnerabilities > Peppermint

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-30	CVE-2023-46863	Path Traversal vulnerability in Peppermint Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST request. network low complexity peppermint CWE-22	7.5
2023-10-30	CVE-2023-46864	Path Traversal vulnerability in Peppermint Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request. network low complexity peppermint CWE-22	5.3
2023-09-18	CVE-2023-42328	Use of Hard-coded Credentials vulnerability in Peppermint An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the hardcoded session cookie. network low complexity peppermint CWE-798	8.8

Vulnerabilities > Peppermint {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Peppermint"}]}