Known Vulnerabilities
CVE-2023-37500
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. An attacker could hijack a user's session and perform other attacks.
HIGH
CVSS 8.1
Published Aug 03, 2023
CVE-2023-37499
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform. An attacker could hijack a user's session and perform other attacks.
HIGH
CVSS 8.1
Published Aug 03, 2023
CVE-2023-37498
A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator. It is possible that an attacker could potentially escalate their privileges.
HIGH
CVSS 8.1
Published Aug 03, 2023