Loyalty Experience Platform

loyalty_experience_platform

Vendor: Annexcloud • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-31928 1Annexcloud 1Loyalty Experience Platform Nov 21, 2024 Jun 10, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2.
CVE-2021-31927 1Annexcloud 1Loyalty Experience Platform Nov 21, 2024 Jun 10, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environ...Show more An Insecure Direct Object Reference (IDOR) vulnerability in Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify any existing user, including users assigned to different environments and clients. It was fixed in v2021.1.0.2.Show less
CVE-2021-31929 1Annexcloud 1Loyalty Experience Platform Nov 21, 2024 Jun 10, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals.