Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-27739 | 7.5 |
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilitie
|
04-11-2020 - 20:22 | 28-10-2020 - 19:15 | |
CVE-2020-27740 | 5.0 |
Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.
|
04-11-2020 - 18:50 | 28-10-2020 - 19:15 | |
CVE-2020-27741 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple
|
04-11-2020 - 15:56 | 28-10-2020 - 19:15 | |
CVE-2020-27742 | 4.0 |
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msg_confirm_move template. NOTE: this was reported to the vendor in a publicly archived "Multi
|
04-11-2020 - 15:53 | 28-10-2020 - 19:15 |