Passbolt Passbolt_api
3 CVEs affecting Passbolt Passbolt_api. Latest disclosed: 2025-03-10. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-27913 | High | 7.5 | 2025-03-10 | Passbolt API before 5, if the server is misconfigured (with an incorrect installation process and disregarding of Health Check results), can send email message… |
CVE-2017-1000442 | Medium | 5.4 | 2018-01-02 | Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspace |
CVE-2024-33670 | Medium | 4.3 | 2024-04-26 | Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom content being displayed when a user visits the crafted URL. Although th… |