Vulnerabilities > Zitadel

DATE CVE VULNERABILITY TITLE RISK
2024-09-20 CVE-2024-46999 Unspecified vulnerability in Zitadel
Zitadel is an open source identity management platform.
network
low complexity
zitadel
6.5
2024-09-20 CVE-2024-47000 Unspecified vulnerability in Zitadel
Zitadel is an open source identity management platform.
network
low complexity
zitadel
7.5
2024-09-20 CVE-2024-47060 Incorrect Authorization vulnerability in Zitadel
Zitadel is an open source identity management platform.
network
low complexity
zitadel CWE-863
6.5
2023-11-30 CVE-2023-49097 Unspecified vulnerability in Zitadel
ZITADEL is an identity infrastructure system.
network
low complexity
zitadel
8.8
2023-11-08 CVE-2023-47111 Unspecified vulnerability in Zitadel
ZITADEL provides identity infrastructure.
network
high complexity
zitadel
3.7
2023-10-26 CVE-2023-46238 Cross-site Scripting vulnerability in Zitadel
ZITADEL is an identity infrastructure management system.
network
low complexity
zitadel CWE-79
5.4
2023-10-10 CVE-2023-44399 Unspecified vulnerability in Zitadel
ZITADEL provides identity infrastructure.
network
low complexity
zitadel
5.3
2023-01-11 CVE-2023-22492 Unspecified vulnerability in Zitadel
ZITADEL is a combination of Auth0 and Keycloak.
network
high complexity
zitadel
5.9
2022-08-31 CVE-2022-36051 Incorrect Authorization vulnerability in Zitadel
ZITADEL combines the ease of Auth0 and the versatility of Keycloak.**Actions**, introduced in ZITADEL **1.42.0** on the API and **1.56.0** for Console, is a feature, where users with role.`ORG_OWNER` are able to create Javascript Code, which is invoked by the system at certain points during the login.
network
low complexity
zitadel CWE-863
8.8