Vulnerabilities > Redhat > Certificate System > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2022-2393 | A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. | 5.7 |
| 2021-03-15 | CVE-2021-20179 | Incorrect Authorization vulnerability in multiple products A flaw was found in pki-core. | 8.1 |
| 2020-03-31 | CVE-2019-10180 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. | 4.8 |
| 2020-03-20 | CVE-2020-1696 | Cross-site Scripting vulnerability in multiple products A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service (TPS) where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting (XSS) vulnerability when the profile ID is printed. | 5.4 |