Skip to main content

Twake

6 CVEs product

Monthly

CVE-2025-70039 CRITICAL Act Now

OS command injection in Linagora Twake v2023.Q1.1223 allows unauthenticated remote code execution.

Command Injection Twake
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-70038 HIGH This Week

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code. [CVSS 8.8 HIGH]

RCE XSS Twake
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-70037 MEDIUM This Month

An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code. [CVSS 6.1 MEDIUM]

RCE Open Redirect Twake
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2023-2675 CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Twake
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1665 CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Twake
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-0028 MEDIUM POC PATCH THREAT This Month

Cross-site Scripting (XSS) - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Twake
NVD GitHub
CVSS 3.1
5.4
EPSS
40.9%
EPSS 0% CVSS 9.8
CRITICAL Act Now

OS command injection in Linagora Twake v2023.Q1.1223 allows unauthenticated remote code execution.

Command Injection Twake
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code. [CVSS 8.8 HIGH]

RCE XSS Twake
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code. [CVSS 6.1 MEDIUM]

RCE Open Redirect Twake
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Twake
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Twake
NVD GitHub
EPSS 41% CVSS 5.4
MEDIUM POC PATCH THREAT This Month

Cross-site Scripting (XSS) - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Twake
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy