Bottelet Flarepoint
5 CVEs affecting Bottelet Flarepoint. Latest disclosed: 2022-01-05. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-22111 | High | 8.8 | 2022-01-05 | In DayByDay CRM, version 2.2.0 is vulnerable to missing authorization. Any application user in the application who has update user permission enabled is able t… |
CVE-2022-22110 | High | 7.5 | 2022-01-05 | In Daybyday CRM, versions 1.1 through 2.2.0 enforce weak password requirements in the user update functionality. A user with privileges to update his password… |
CVE-2022-22109 | Medium | 5.4 | 2022-01-05 | In Daybyday CRM, version 2.2.0 is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability that allows low privileged application users to store malicious… |
CVE-2022-22108 | Medium | 4.3 | 2022-01-05 | In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user)… |
CVE-2022-22107 | Medium | 4.3 | 2022-01-05 | In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user)… |