Twake

twake

Vendor: Linagora • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-70039 1Linagora 1Twake Mar 13, 2026 Mar 9, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223.
CVE-2025-70038 1Linagora 1Twake Mar 13, 2026 Mar 9, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code.
CVE-2025-70037 1Linagora 1Twake Mar 13, 2026 Mar 9, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code.
CVE-2023-2675 1Linagora 1Twake Nov 21, 2024 Nov 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223.
CVE-2023-1665 1Linagora 1Twake Nov 21, 2024 Mar 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0.
CVE-2023-0028 1Linagora 1Twake Nov 21, 2024 Jan 1, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+.