Vulnerabilities > PTC > Vuforia Studio > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2023-29152 | Unspecified vulnerability in PTC Vuforia Studio By changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia server account. | 8.1 |
| 2023-06-07 | CVE-2023-29168 | Insufficiently Protected Credentials vulnerability in PTC Vuforia Studio The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication. | 7.5 |
| 2023-06-07 | CVE-2023-31200 | Cross-Site Request Forgery (CSRF) vulnerability in PTC Vuforia Studio PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a replay attack. | 8.0 |