Liveboxcloud Vdesk

13 CVEs affecting Liveboxcloud Vdesk. Latest disclosed: 2024-06-10. Critical: 3, High: 3.

Top CVEs affecting Liveboxcloud Vdesk
CVESeverityScorePublishedSummary
CVE-2022-45174Critical9.82023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backup_cod…
CVE-2022-45173Critical9.82023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challen…
CVE-2022-45172Critical9.82023-01-31An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the…
CVE-2022-45171High8.82024-05-28An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site…
CVE-2022-45178High8.82023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdeskintegration/saml/user/createorupdate e…
CVE-2022-45177High7.52024-02-21An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isena…
CVE-2022-45168Medium6.52024-06-10An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /login/backup_code endpoint and…
CVE-2022-45180Medium6.52023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdesk_{DOMAIN]/export endpoint. A malicious…
CVE-2022-45175Medium6.52023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/we…
CVE-2022-45170Medium6.52023-04-14An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malici…
CVE-2022-45176Medium5.42024-06-10An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting (XSS) can occur under the /api/v1/getbodyfile endpoint via the…
CVE-2022-45179Medium5.42024-02-21An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate en…
CVE-2022-45169Medium5.42024-02-21An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notific…