Vulnerabilities > Pleasanter
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-34439 | Cross-site Scripting vulnerability in Pleasanter Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. | 5.4 |
| 2023-12-06 | CVE-2023-45210 | Unspecified vulnerability in Pleasanter Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access. | 4.3 |
| 2023-12-06 | CVE-2023-46688 | Open Redirect vulnerability in Pleasanter Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. | 6.1 |
| 2023-06-30 | CVE-2023-32607 | Cross-site Scripting vulnerability in Pleasanter Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. | 5.4 |
| 2023-06-30 | CVE-2023-32608 | Path Traversal vulnerability in Pleasanter Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server. | 6.5 |
| 2023-06-01 | CVE-2023-30758 | Cross-site Scripting vulnerability in Pleasanter Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. | 5.4 |