mecodia CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

mecodia vulnerability overview

Aggregates CVE and security vulnerability intelligence across all mecodia-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2024-41519 Feripro <= v2.2.3 is vulnerable to Cross Site Scripting (XSS) via "/admin/programm/<program_id>/zuordnung/veranstaltungen/<event_id>" through the "school" input field. [email protected] 5.4 0.22% 2024-08-02 2024-10-29
CVE-2024-41518 An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in Feripro <= v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants. [email protected] 7.5 0.26% 2024-08-02 2024-09-03
CVE-2024-41517 An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro <= v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges. [email protected] 5.3 0.28% 2024-08-02 2024-10-28
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence