Vulnerabilities (CVE)

Filtered by vendor Steelcase Subscribe
Filtered by product Roomwizard
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7057 1 Steelcase 2 Roomwizard, Roomwizard Firmware 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName parameter.
CVE-2018-7055 1 Steelcase 2 Roomwizard, Roomwizard Firmware 2024-02-04 5.0 MEDIUM 7.5 HIGH
GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter.
CVE-2018-7056 1 Steelcase 2 Roomwizard, Roomwizard Firmware 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
RoomWizard before 4.4.x allows remote attackers to obtain potentially sensitive information about IP addresses via /getGroupTimeLineJSON.action.