VYPR

Proton

by Proton

CVEs (2)

  • CVE-2025-44177HigJul 9, 2025
    risk 0.57cvss 8.2epss 0.04

    A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.

  • CVE-2022-25224MedMay 20, 2022
    risk 0.35cvss 5.4epss 0.01

    Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. When the victim clicks the link, the application opens the site in the current frame allowing an attacker to host JavaScript code in the malicious link in order to trigger an XSS attack. The…