2 results (0.078 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . • https://palantir.safebase.us/?tcuUid=42bdb7fa-9a6d-4462-b89d-cabc62f281f4 • CWE-20: Improper Input Validation •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances. • https://palantir.safebase.us/?tcuUid=7f1fd834-805d-4679-85d0-9d779fa064ae • CWE-304: Missing Critical Step in Authentication CWE-863: Incorrect Authorization •