Vulnerabilities > Zitadel > Zitadel > 1.50.2

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2023-46238 Cross-site Scripting vulnerability in Zitadel
ZITADEL is an identity infrastructure management system.
network
low complexity
zitadel CWE-79
5.4
2023-10-10 CVE-2023-44399 Unspecified vulnerability in Zitadel
ZITADEL provides identity infrastructure.
network
low complexity
zitadel
5.3
2022-08-31 CVE-2022-36051 Incorrect Authorization vulnerability in Zitadel
ZITADEL combines the ease of Auth0 and the versatility of Keycloak.**Actions**, introduced in ZITADEL **1.42.0** on the API and **1.56.0** for Console, is a feature, where users with role.`ORG_OWNER` are able to create Javascript Code, which is invoked by the system at certain points during the login.
network
low complexity
zitadel CWE-863
8.8