Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Priority — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Priority. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Priority is a task management and productivity platform designed for team collaboration and workflow organization. Historically, Priority has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, with 14 CVEs documented to date. The platform's security posture has been compromised through insufficient input validation and improper access controls, leading to potential unauthorized system access and data exposure. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in web application components suggests ongoing challenges in secure coding practices, requiring organizations to implement robust compensating controls when deploying this solution.

Top products by Priority: Web Priority Priority web Priority for Windows PRI WEB Portal Add-On for Priority ERP on prem PRI WEB
CVE IDTitleCVSSSeverityPublished
CVE-2025-55064 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — WebCWE-79 4.8 Medium2025-12-29
CVE-2025-55063 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — WebCWE-79 4.8 Medium2025-12-29
CVE-2025-55062 Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') — WebCWE-79 4.8 Medium2025-12-29
CVE-2025-55061 Priority - CWE-434 Unrestricted Upload of File with Dangerous Type — WebCWE-434 8.8 High2025-12-29
CVE-2025-55060 Priority - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') — WebCWE-601 6.1 Medium2025-12-29
CVE-2024-47922 Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor — PRI WEBCWE-200 7.5 High2024-12-30
CVE-2024-41699 Priority – CWE-552: Files or Directories Accessible to External Parties — PriorityCWE-552 4.4 Medium2024-08-20
CVE-2024-41698 Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor — PriorityCWE-200 4.3 Medium2024-08-20
CVE-2024-41697 Priority – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) — PriorityCWE-80 6.1 Medium2024-08-20
CVE-2024-41696 Priority PRI WEB Portal Add-On for Priority ERP on prem – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor — PRI WEB Portal Add-On for Priority ERP on premCWE-200 7.5 High2024-07-30
CVE-2023-23459 Priority Windows – Command Execution via SQL Injection — Priority for WindowsCWE-89 9.1 Critical2023-02-15
CVE-2023-23460 Priority Web – Authentication bypass — Priority Web 9.1 Critical2023-02-15
CVE-2022-23173 Priority - Priority web Insecure direct object references (IDOR) — Priority web 5.5 Medium2022-07-06
CVE-2022-23172 Priority - Priority User Enumeration — Priority 5.5 Medium2022-07-06

This page lists every published CVE security advisory associated with Priority. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.