
Vulnerabilities in SOPlanning software

ID: 4a207b29-5240-5dae-a5cd-92d213d56494

STIX ID: report--4a207b29-5240-5dae-a5cd-92d213d56494

Feed Name: CERT Polska

Threat Score: 75/100

Date Published: 2025-11-20

Date Updated: 2026-04-19

Author: CERT Polska


## Executive summary

CERT Polska coordinated the disclosure of multiple vulnerabilities in SOPlanning affecting all versions before 1.55: broken access control, predictable password recovery tokens (allowing account takeover), several stored XSS issues across multiple endpoints, and a privilege escalation that lets users assign admin rights. All issues were fixed in version 1.55.
