Parlano ≫ Mindalign

Cross-site scripting (XSS) vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Parlano MindAlign 5.0 and later versions allows remote attackers to list valid users via unknown vectors, aka the "User Enumeration" vulnerability.

Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors.

Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors.