Guillermo Alvarez

Researcher fromAccenture
#19595of 53,632
13.3Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2021-19602
9.0
2021-06-10
Annex Cloud · Annex Cloud Loyalty Experience Platform · CVE-2021-31928
Name of the Vulnerable Software and Affected Versions: Annex Cloud Loyalty Experience Platform versions prior to 2021.1.0.2 Description: The issue allows any authenticated attacker to escalate privileges to superadministrator. Recommendations: For versions prior to 2021.1.0.2, update to version 2021.1.0.2 or later to resolve the issue.
PT-2021-19603
4.3
2021-06-10
Annex Cloud · Annex Cloud Loyalty Experience Platform · CVE-2021-31929
Name of the Vulnerable Software and Affected Versions: Annex Cloud Loyalty Experience Platform versions prior to 2021.1.0.1 Description: The issue allows any authenticated attacker to modify loyalty campaigns and settings. This includes modifying fraud prevention, coupon groups, email templates, or referrals. Recommendations: For versions prior to 2021.1.0.1, update to version 2021.1.0.1 or later to resolve the issue.