Skip to main content

Cdex

3 CVEs product

Monthly

CVE-2024-2465 HIGH This Week

Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites via a specially crafted URL.7.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Cdex
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2024-2464 MEDIUM This Month

This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.7.1. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cdex
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2024-2463 HIGH This Week

Weak password recovery mechanism in CDeX application allows to retrieve password reset token.7.1. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cdex
NVD
CVSS 3.1
8.0
EPSS
0.6%
EPSS 1% CVSS 7.1
HIGH This Week

Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites via a specially crafted URL.7.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Cdex
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.7.1. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cdex
NVD
EPSS 1% CVSS 8.0
HIGH This Week

Weak password recovery mechanism in CDeX application allows to retrieve password reset token.7.1. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cdex
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy