Browse all 4 CVE security advisories affecting StarTrinity. AI-powered Chinese analysis, POCs, and references for each vulnerability.
StarTrinity develops communication software, primarily serving contact centers and enterprises with voice and video solutions. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control weaknesses. While no major public security incidents have been widely documented, the four CVEs on record highlight recurring issues in authentication mechanisms and API security. Their software typically requires network exposure, increasing attack surface for potential exploitation. Security researchers have noted that patches are sometimes released with significant delays, leaving systems vulnerable between disclosure and remediation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-39372 | StarTrinity Softswitch version 2023-02-16 - multiple CSRF (CWE-352) — SoftswitchCWE-352 | 8.1 | High | 2023-09-03 |
| CVE-2023-39371 | StarTrinity Softswitch version 2023-02-16 – Open Redirect (CWE-601) — SoftswitchCWE-601 | 8.8 | High | 2023-09-03 |
| CVE-2023-39370 | StarTrinity Softswitch version 2023-02-16 - Persistent XSS (CWE-79) — SoftswitchCWE-79 | 8.8 | High | 2023-09-03 |
| CVE-2023-39369 | StarTrinity Softswitch version 2023-02-16 - multiple Reflected XSS (CWE-79) — SoftswitchCWE-79 | 8.8 | High | 2023-09-03 |
This page lists every published CVE security advisory associated with StarTrinity. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.