Filtered by vendor Adata
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-61074 | 1 Adata | 1 Mitarbeiter Portal | 2026-01-14 | N/A | 4.6 MEDIUM |
| A stored Cross Site Scripting (XSS) vulnerability in the bulletin board (SchwarzeBrett) in adata Software GmbH Mitarbeiter Portal 2.15.2.0 allows remote authenticated users to execute arbitrary JavaScript code in the web browser of other users via manipulation of the 'Inhalt' parameter of the '/SchwarzeBrett/Nachrichten/CreateNachricht' or '/SchwarzeBrett/Nachrichten/EditNachricht/' requests. | |||||
| CVE-2025-61075 | 1 Adata | 1 Mitarbeiter Portal | 2025-12-12 | N/A | 8.1 HIGH |
| Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users to carry out administrative functions and manipulate data of other users via unauthorized API calls. | |||||