Skip to main content

Webuntis

2 CVEs product

Monthly

CVE-2020-22453 MEDIUM This Month

Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webuntis
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-10540 HIGH This Week

Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Webuntis
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 1% CVSS 6.1
MEDIUM This Month

Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webuntis
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Webuntis
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy