Vulnerabilities > Secomea > Sitemanager 1139 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-19 | CVE-2022-38125 | Unspecified vulnerability in Secomea products Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client. | 5.5 |
| 2022-12-13 | CVE-2022-38124 | Improper Privilege Management vulnerability in Secomea products Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner. | 6.5 |
| 2022-05-04 | CVE-2022-25784 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in Web GUI of SiteManager allows logged-in user to inject scripting. | 4.8 |
| 2022-03-10 | CVE-2021-32005 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in log view of Secomea SiteManager allows a logged in user to store javascript for later execution. | 5.4 |
| 2021-02-16 | CVE-2020-29027 | Cross-site Scripting vulnerability in Secomea products Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager could allow an attacker to cause an XSS Attack. | 5.4 |