Product:

Feripro

(Mecodia)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2024-08-02 CVE-2024-41519 Feripro <= v2.2.3 is vulnerable to Cross Site Scripting (XSS) via "/admin/programm/<program_id>/zuordnung/veranstaltungen/<event_id>" through the "school" input field. Feripro 5.4
2024-08-02 CVE-2024-41517 An Incorrect Access Control vulnerability in "/admin/benutzer/institution/rechteverwaltung/uebersicht" in Feripro <= v2.2.3 allows remote attackers to get a list of all users and their corresponding privileges. Feripro 5.3
2024-08-02 CVE-2024-41518 An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in Feripro <= v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants. Feripro 7.5