VYPR
Vendor

savignano

Products
1
CVEs
7
Across products
7
Status
Private

Products

1

Recent CVEs

7
  • CVE-2024-23736HigJul 1, 2024
    risk 0.57cvss 8.8epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email.

  • CVE-2023-50932HigJan 9, 2024
    risk 0.54cvss 8.3epss 0.00

    An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an…

  • CVE-2023-50931HigJan 9, 2024
    risk 0.54cvss 8.3epss 0.00

    An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an…

  • CVE-2023-50930HigJan 9, 2024
    risk 0.54cvss 8.3epss 0.00

    An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email…

  • CVE-2024-23737Jul 1, 2024
    risk 0.00cvss epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulate a user's S/MIME certificate of PGP key via malicious link or email.

  • CVE-2024-23734Apr 10, 2024
    risk 0.00cvss epss 0.00

    Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link.

  • CVE-2024-23735Apr 10, 2024
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate.