📦 Ovaledge
by Ovaledge
🔍 What is Ovaledge?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2022-30355 is an account takeover vulnerability in OvalEdge data governance platform where authenticated users can modify other users' profiles via improper access controls. This allows attackers ...
OvalEdge versions 5.2.8.0 and earlier contain an authentication-required CSRF vulnerability that allows attackers to take over user accounts by manipulating profile update requests. This affects all o...
OvalEdge versions 5.2.8.0 and earlier expose sensitive user ID data through an authenticated GET request to /user/getUserWithTeam. This vulnerability allows authenticated attackers to enumerate all re...
OvalEdge versions 5.2.8.0 and earlier contain a privilege escalation vulnerability where authenticated users with OE_ADMIN role privileges can assign arbitrary roles to other users via a POST request ...
OvalEdge versions 5.2.8.0 and earlier expose sensitive user data through an authenticated GET request to /user/getUserList. This vulnerability allows authenticated attackers to retrieve comprehensive ...
OvalEdge versions 5.2.8.0 and earlier expose sensitive user information through an unauthenticated GET request to /user/getUserType. This vulnerability allows attackers to retrieve personal details in...