Vulnerabilities > Tufin > Securetrack > Low

DATE CVE VULNERABILITY TITLE RISK
2021-02-09 CVE-2020-13462 Unspecified vulnerability in Tufin Securetrack 18.1
Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA.
low complexity
tufin
2.7
2021-02-09 CVE-2020-13407 Cross-site Scripting vulnerability in Tufin Securetrack 18.1
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users).
2.3
2021-02-09 CVE-2020-13408 Cross-site Scripting vulnerability in Tufin Securetrack 18.1
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users).
2.3
2021-02-09 CVE-2020-13409 Cross-site Scripting vulnerability in Tufin Securetrack 18.1
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users).
2.3
2021-02-09 CVE-2020-13461 Unspecified vulnerability in Tufin Securetrack
Username enumeration in present in Tufin SecureTrack.
low complexity
tufin
3.3