Vulnerabilities > Priority Software > Priority
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2023-23459 | SQL Injection vulnerability in Priority-Software Priority 22.0 Priority Windows may allow Command Execution via SQL Injection using an unspecified method. | 9.8 |
| 2023-02-15 | CVE-2023-23460 | Improper Authentication vulnerability in Priority-Software Priority 19.1.0.68 Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass. | 9.8 |
| 2022-07-06 | CVE-2022-23172 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Priority-Software Priority An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. | 4.0 |
| 2022-07-06 | CVE-2022-23173 | Authorization Bypass Through User-Controlled Key vulnerability in Priority-Software Priority this vulnerability affect user that even not allowed to access via the web interface. | 6.5 |