Every CVE whose affected-product data names Italtel Embrace, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-31842 — CVSS 8.8 (high): An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET…
CVE-2024-31846 — CVSS 7.5 (high): An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from…
CVE-2024-31841 — CVSS 7.5 (high): An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to…
CVE-2024-31840 — CVSS 6.5 (medium): An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated…
CVE-2024-31847 — CVSS 6.1 (medium): An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting (XSS) vulnerability allows authenticated and…
CVE-2024-31845 — CVSS 5.3 (medium): An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to…
CVE-2024-31844 — CVSS 5.3 (medium): An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a…
CVE-2024-31843 — CVSS 4.1 (medium): An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are…