Vulnerabilities > Weintek > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-35134 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Weintek Weincloud 0.13.6
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.
network
high complexity
weintek CWE-640
5.9
2022-05-16 CVE-2021-27442 Cross-site Scripting vulnerability in Weintek products
The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.
network
low complexity
weintek CWE-79
6.1