Vulnerabilities > Tufin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2020-13462 | Unspecified vulnerability in Tufin Securetrack 18.1 Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. low complexity tufin | 2.7 |
| 2021-02-09 | CVE-2020-13461 | Unspecified vulnerability in Tufin Securetrack Username enumeration in present in Tufin SecureTrack. low complexity tufin | 3.3 |
| 2021-02-09 | CVE-2020-13460 | Cross-Site Request Forgery (CSRF) vulnerability in Tufin Securetrack 18.1 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA. | 6.8 |
| 2021-02-09 | CVE-2020-13409 | Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). | 2.3 |
| 2021-02-09 | CVE-2020-13408 | Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). | 2.3 |
| 2021-02-09 | CVE-2020-13407 | Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). | 2.3 |
| 2021-01-20 | CVE-2020-13134 | Cross-site Scripting vulnerability in Tufin Securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. | 3.5 |
| 2021-01-20 | CVE-2020-13133 | Cross-site Scripting vulnerability in Tufin Securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. | 4.3 |
| 2019-06-19 | CVE-2018-18406 | XXE vulnerability in Tufin Securetrack 18.1 An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). | 6.5 |