Product
naver ngrinder
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-28216
CVE-2024-28215
CVE-2024-28214
CVE-2024-28213
CVE-2024-28212
CVE-2024-28211
CVE-2016-5060
< 3.5.9
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access control, which could be t
< 3.5.9
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could be t
< 3.5.9
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker.
< 3.5.9
nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to ex
< 3.5.9
nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute arbitrary code via unsafe deseri
< 3.5.9
nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be the cause of executing arbitrary co
<= 3.3
Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script o