Vulnerabilities > Terminalfour
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-15 | CVE-2024-22217 | Server-Side Request Forgery (SSRF) vulnerability in Terminalfour A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on. | 6.5 |
| 2023-10-16 | CVE-2023-29484 | Incorrect Authorization vulnerability in Terminalfour In Terminalfour before 8.3.16, misconfigured LDAP users are able to login with an invalid password. | 6.5 |
| 2023-04-12 | CVE-2023-23591 | Unspecified vulnerability in Terminalfour The Logback component in Terminalfour before 8.3.14.1 allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled. | 4.9 |
| 2022-05-16 | CVE-2022-30770 | Cross-site Scripting vulnerability in Terminalfour Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials. | 6.1 |