Every CVE whose affected-product data names Ponton X/p Messenger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-45887 — CVSS 9.8 (critical): An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files…
CVE-2021-45886 — CVSS 8.8 (high): An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable…
CVE-2021-45889 — CVSS 5.4 (medium): An issue was discovered in PONTON X/P Messenger before 3.11.2. Several functions are vulnerable to reflected XSS, as demonstrated by…
CVE-2021-45888 — CVSS 4.8 (medium): An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web…