← Back

Tessa

tessa

Vendor: Servisnet • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-22833
1Servisnet
1Tessa
Nov 21, 2024
Feb 6, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request.
CVE-2022-22832
1Servisnet
1Tessa
Nov 21, 2024
Feb 6, 2022
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request.
CVE-2022-22831
1Servisnet
1Tessa
Nov 21, 2024
Feb 6, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in Servisnet Tessa 0.0.2. An attacker can add a new sysadmin user via a manipulation of the Authorization HTTP header.