Dradisframework: >> Dradis >> 3.4.1 Security Vulnerabilities
Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars.
CVSS Score
8.7
EPSS Score
0.001
Published
2023-04-25
Dradis Professional Edition before 4.3.0 allows attackers to change an account password via reusing a password reset token.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-06-24
The API in Dradis Pro 3.4.1 allows any user to extract the content of a project, even if this user is not part of the project team.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-03-16