Recent CVEs
CVE-2023-28025
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
MEDIUM
Dec 21, 2023
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
MEDIUM
May 27, 2022
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
MEDIUM
May 27, 2022
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
MEDIUM
May 25, 2022