Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).
4.3CVSS
4.6AI Score
0.001EPSS
Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).
8.8CVSS
8.7AI Score
0.001EPSS
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems.
8.8CVSS
8.7AI Score
0.001EPSS
6.1CVSS
6AI Score
0.001EPSS
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials.
7.5CVSS
7.4AI Score
0.002EPSS
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password.
7.5CVSS
7.4AI Score
0.002EPSS
Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes.
8.1CVSS
7.7AI Score
0.001EPSS