TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Information Disclosure
NVD
CVSS 3.1
3.7
EPSS
0.3%
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
CSRF
Webmin
NVD
CVSS 3.1
3.1
EPSS
0.2%