Skip to main content

Ebankit

3 CVEs product

Monthly

CVE-2023-33291 HIGH This Week

In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Ebankit
NVD
CVSS 3.1
7.4
EPSS
0.9%
CVE-2023-30454 MEDIUM This Month

An issue was discovered in ebankIT before 7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ebankit
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-30455 HIGH This Week

An issue was discovered in ebankIT before 7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ebankit
NVD
CVSS 3.1
7.5
EPSS
1.0%
EPSS 1% CVSS 7.4
HIGH This Week

In ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-mail address or phone number without validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Ebankit
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An issue was discovered in ebankIT before 7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ebankit
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in ebankIT before 7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ebankit
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy