VYPR
Vendor

Pleasanter

Products
2
CVEs
6
Across products
6
Status
Private

Products

2

Recent CVEs

6
  • CVE-2023-32608MedJun 30, 2023
    risk 0.42cvss 6.5epss 0.01

    Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server.

  • CVE-2023-46688MedDec 6, 2023
    risk 0.40cvss 6.1epss 0.01

    Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL.

  • CVE-2023-34439MedDec 6, 2023
    risk 0.35cvss 5.4epss 0.00

    Pleasanter 1.3.47.0 and earlier contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser.

  • CVE-2023-32607MedJun 30, 2023
    risk 0.35cvss 5.4epss 0.01

    Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.

  • CVE-2023-30758MedJun 1, 2023
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.

  • CVE-2023-45210MedDec 6, 2023
    risk 0.28cvss 4.3epss 0.01

    Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the temporary files uploaded by other users who are not permitted to access.