Iot Platform Security Vulnerabilities

CVE-2022-35134

Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting (XSS) vulnerability.

CVE-2022-35135

Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/<uuid>.

CVE-2022-35136

Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.