Luigisoftwall

#15575of 53,622
17.3Total CVSS
Vulnerabilities · 3
Medium
3
PT-2023-29515
6.1
2023-08-25
Unknown · Neomind Fusion Platform · CVE-2023-4534
**Name of the Vulnerable Software and Affected Versions** NeoMind Fusion Platform versions up to 20230731 **Description** A problematic issue was found in the NeoMind Fusion Platform, affecting an unknown function of the file /fusion/portal/action/Link. The manipulation of the `link` argument leads to cross-site scripting. It is possible to launch the attack remotely. The issue has been disclosed to the public and may be used. **Recommendations** For NeoMind Fusion Platform versions up to 20230731, as a temporary workaround, consider restricting access to the `/fusion/portal/action/Link` endpoint until a patch is available. Avoid using the `link` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2023-29010
5.9
2023-08-16
Maximatech · Maximatech Portal Executivo · CVE-2023-4384
**Name of the Vulnerable Software and Affected Versions** MaximaTech Portal Executivo version 21.9.1.140 **Description** A vulnerability has been found in the Cookie Handler component, leading to missing encryption of sensitive data. The attack can be initiated remotely, with a rather high complexity and difficult exploitation. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-29042
5.3
2023-08-16
Unknown · Control Id Gerencia Web · CVE-2023-4392
**Name of the Vulnerable Software and Affected Versions** Control iD Gerencia Web version 1.30 **Description** A vulnerability was found in the component Cookie Handler, leading to cleartext storage of sensitive information. The attack may be launched remotely, with a rather high complexity and difficult exploitation. The exploit has been disclosed to the public and may be used. **Recommendations** For Control iD Gerencia Web version 1.30, consider disabling the Cookie Handler component until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.