Vulnerabilities > Testes Codigo

DATE CVE VULNERABILITY TITLE RISK
2021-02-16 CVE-2021-25648 Unspecified vulnerability in Testes-Codigo Testes DE Codigo
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage.
network
low complexity
testes-codigo
critical
9.8
2021-01-28 CVE-2021-25647 Cross-site Scripting vulnerability in Testes-Codigo Testes DE Codigo
Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application.
network
low complexity
testes-codigo CWE-79
5.4