Filtered by vendor Qsige
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4103 | 1 Qsige | 1 Qsige | 2023-10-10 | N/A | 8.8 HIGH |
| QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | |||||
| CVE-2023-4102 | 1 Qsige | 1 Qsige | 2023-10-10 | N/A | 8.8 HIGH |
| QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | |||||
| CVE-2023-4101 | 1 Qsige | 1 Qsige | 2023-10-10 | N/A | 6.5 MEDIUM |
| The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application. | |||||