← Back

Olk Webstore

olk_webstore

Vendor: Topmanage • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-6845
1Topmanage
1Olk Webstore
Jun 17, 2026
Feb 18, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.
CVE-2020-6844
1Topmanage
1Olk Webstore
Jun 17, 2026
Feb 18, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.