Servisnet: Security Vulnerabilities
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
CVSS Score
7.5
EPSS Score
0.187
Published
2022-02-06
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.
CVSS Score
9.8
EPSS Score
0.159
Published
2022-02-06
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
CVSS Score
9.8
EPSS Score
0.176
Published
2022-02-06