pleasanter CVE 脆弱性と CVE 一覧(7)

製品(CPE): — CVE 件数: 7

pleasanter 脆弱性概要

pleasanter 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk cross-site scripting、vendor risk open redirect, and パス処理の欠陥 に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact session compromise and ファイル上書き などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 17 / 7 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2024-21584 Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user. [email protected] 6.1 0.36% 2024-03-12 2026-06-17
CVE-2023-46688 Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. [email protected] 6.1 0.53% 2023-12-06 2026-06-17
CVE-2023-45210 Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access. [email protected] 4.3 0.52% 2023-12-06 2026-06-17
CVE-2023-34439 Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser. [email protected] 5.4 0.40% 2023-12-06 2026-06-17
CVE-2023-32608 Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server. [email protected] 6.5 1.16% 2023-06-29 2026-06-17
CVE-2023-32607 Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script. [email protected] 5.4 0.53% 2023-06-29 2026-06-17
CVE-2023-30758 Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. [email protected] 5.4 0.67% 2023-05-31 2026-06-17
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence