Vulnerabilities > Terminalfour

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-29484 Incorrect Authorization vulnerability in Terminalfour
In Terminalfour before 8.3.16, misconfigured LDAP users are able to login with an invalid password.
network
low complexity
terminalfour CWE-863
6.5
2022-05-16 CVE-2022-30770 Cross-site Scripting vulnerability in Terminalfour
Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials.
network
low complexity
terminalfour CWE-79
6.1