Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sysaid
Filtered by product Sysaid On-premises
Angry Yack Logo
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-32226 1 Sysaid 1 Sysaid On-premises 2024-11-21 N/A 8.3 HIGH
Sysaid - CWE-552: Files or Directories Accessible to External Parties -  Authenticated users may exfiltrate files from the server via an unspecified method.
CVE-2023-32225 1 Sysaid 1 Sysaid On-premises 2024-11-21 N/A 9.8 CRITICAL
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type -  A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
CVE-2020-13168 1 Sysaid 2 Sysaid On-premises, Sysaidsy On-premises 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.