Vulnerabilities > Zitadel > Zitadel > 2.44.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-01 | CVE-2024-32967 | Unspecified vulnerability in Zitadel Zitadel is an open source identity management system. | 5.3 |
| 2024-04-26 | CVE-2024-32868 | Improper Restriction of Excessive Authentication Attempts vulnerability in Zitadel ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. | 8.1 |
| 2024-03-27 | CVE-2024-29891 | Cross-site Scripting vulnerability in Zitadel ZITADEL users can upload their own avatar image and various image types are allowed. | 8.7 |
| 2024-03-27 | CVE-2024-29892 | Incorrect Authorization vulnerability in Zitadel ZITADEL, open source authentication management software, uses Go templates to render the login UI. | 4.9 |