Vulnerabilities (CVE)

Filtered by vendor Mesbook Subscribe
Filtered by product Mesbook
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-6427 1 Mesbook 1 Mesbook 2024-11-21 N/A 7.5 HIGH
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself, which could lead to resource consumption and disable the application.
CVE-2024-6426 1 Mesbook 1 Mesbook 2024-11-21 N/A 8.1 HIGH
Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application.