Known Vulnerabilities for products from Mycomplianceoffice
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Mycomplianceoffice".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-53909 json | MCO does not correctly validate types of uploaded files. File upload validation functionality relies only on client-side chec... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53908 json | MCO is vulnerable to User Enumeration through authentication-related functionalities. The application returns distinguishable... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53907 json | MCO is vulnerable to Stored Cross‑Site Scripting (XSS) via the application logo upload functionality. An attacker with the ... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53906 json | MCO is vulnerable to Path Disclosure and Path Traversal in file handling functionality related to data export and upload. Imp... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53905 json | MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/admin-view-hierarchy/get-acl-tree-stru... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53904 json | MCO is vulnerable to Account Denial of Service due to improper implementation of password reset functionality. Each password ... | Not Provided | 2026-07-01 | 2026-07-06 |
| CVE-2026-53902 json | MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endp... | Not Provided | 2026-07-01 | 2026-07-06 |