Vulnerabilities > Zitadel > Zitadel > 2.44.5

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-01 | CVE-2024-32967 | Unspecified vulnerability in Zitadel. Zitadel is an open source identity management system. | network, low complexity, zitadel, 5.3 |
| 2024-04-26 | CVE-2024-32868 | Improper Restriction of Excessive Authentication Attempts vulnerability in Zitadel. ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. | network, low complexity, zitadel CWE-307, 8.1 |
| 2024-03-27 | CVE-2024-29891 | Cross-site Scripting vulnerability in Zitadel. ZITADEL users can upload their own avatar image and various image types are allowed. | network, low complexity, zitadel CWE-79, 8.7 |
| 2024-03-27 | CVE-2024-29892 | Incorrect Authorization vulnerability in Zitadel. ZITADEL, open source authentication management software, uses Go templates to render the login UI. | network, low complexity, zitadel CWE-863, 4.9 |