Vulnerabilities > Weintek > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-19 | CVE-2023-35134 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. | 5.9 |
| 2022-05-16 | CVE-2021-27442 | Cross-site Scripting vulnerability in Weintek products The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code. | 4.3 |