← Back

Replyone

replyone

Vendor: Sematell • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-48907
1Sematell
1Replyone
Jun 4, 2025
May 1, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API.
CVE-2024-48906
1Sematell
1Replyone
Jun 4, 2025
May 1, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name.
CVE-2024-48905
1Sematell
1Replyone
Jun 4, 2025
May 1, 2025
N/A· v4
9.1 CRITICAL· v3
N/A· v2
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.