Skip to main content

Imind Server

3 CVEs product

Monthly

CVE-2020-25399 HIGH POC This Week

Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Imind Server
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-25398 HIGH POC This Week

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Imind Server
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2020-24765 HIGH POC This Week

InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imind Server
NVD GitHub
CVSS 3.1
7.5
EPSS
6.8%
EPSS 1% CVSS 7.8
HIGH POC This Week

Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Imind Server
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Imind Server
NVD GitHub
EPSS 7% CVSS 7.5
HIGH POC This Week

InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imind Server
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy