Product
sismics teedy
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-11853
CVE-2024-54852
CVE-2024-54851
CVE-2025-22963
CVE-2024-46278
CVE-2023-4892
CVE-2022-22115
CVE-2022-22114
<= 1.11
A vulnerability was determined in Sismics Teedy up to 1.11. This affects an unknown function of the file /api/file of the componen
>= 1.9 and <= 1.12
When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDA
<= 1.12
Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.
<= 1.11
Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.
all versions
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
all versions
Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipula
>= 1.5 and <= 1.9
In Teedy, versions v1.5 through v1.9 are vulnerable to Stored Cross-Site Scripting (XSS) in the name of a created Tag. Since the T
>= 1.5 and <= 1.9
In Teedy, versions v1.5 through v1.9 are vulnerable to Reflected Cross-Site Scripting (XSS). The “search term" search functional