Every CVE whose affected-product data names Sismics Teedy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-54852 — CVSS 9.8 (critical): When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP…
CVE-2022-22114 — CVSS 9.6 (critical): In Teedy, versions v1.5 through v1.9 are vulnerable to Reflected Cross-Site Scripting (XSS). The “search term" search functionality is…
CVE-2022-22115 — CVSS 9.0 (critical): In Teedy, versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the name of a created Tag. Since the Tag name…
CVE-2024-54851 — CVSS 8.8 (high): Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.
CVE-2025-11853 — CVSS 6.3 (medium): A vulnerability was determined in Sismics Teedy up to 1.11. This affects an unknown function of the file /api/file of the component API…
CVE-2023-4892 — CVSS 5.7 (medium): Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks…