Sebastian Auwaerter

Researcher fromSySS GmbH
#10978of 53,635
25.1Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2020-14726
6.1
2020-08-04
Atlassian · Gantt-Chart For Jira · CVE-2020-15943
**Name of the Vulnerable Software and Affected Versions** Gantt-Chart for Jira versions prior to 5.5.4 **Description** An issue in the Gantt-Chart module allows authenticated attackers to read and write to the module configuration of other users due to a missing privilege check. This can also be used to deliver an XSS payload to other users' dashboards. **Recommendations** For versions prior to 5.5.4, update to version 5.5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the Gantt-Chart module to minimize the risk of exploitation.
PT-2019-13062
10
2019-07-05
Bks · Bks Ebk Ethernet-Buskoppler Pro · CVE-2019-12971
**Name of the Vulnerable Software and Affected Versions** BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 **Description** The issue allows for the unrestricted upload of a file with a dangerous type. **Recommendations** For versions prior to 3.01, update to version 3.01 or later to resolve the issue.
PT-2018-13755
9.0
2018-09-13
Hiscout · Hiscout Grc Suite · CVE-2018-16796
**Name of the Vulnerable Software and Affected Versions** HiScout GRC Suite versions prior to 3.1.5 **Description** The issue allows for the unrestricted upload of files with dangerous types. **Recommendations** For versions prior to 3.1.5, update to version 3.1.5 or later to resolve the issue.