Browse all 7 CVE security advisories affecting Tabit. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tabit is a workforce management platform primarily used for scheduling, time tracking, and employee communication in retail and hospitality sectors. Historically, the platform has been vulnerable to multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and access control issues. Notable security characteristics include its exposure of sensitive employee data and integration with third-party systems. While no major public incidents have been widely reported, the seven documented CVEs highlight consistent security concerns, particularly around unauthenticated RCE vulnerabilities that could allow attackers to compromise entire organizational environments.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-34772 | Tabit - password enumeration — Tabit | 4.3 | Medium | 2022-08-22 |
| CVE-2022-34776 | Tabit - giftcard stealth — Tabit | 5.5 | Medium | 2022-08-22 |
| CVE-2022-34775 | Tabit - Excessive data exposure — Tabit | 6.3 | Medium | 2022-08-22 |
| CVE-2022-34774 | Tabit - Arbitrary account modification — Tabit | 6.3 | Medium | 2022-08-22 |
| CVE-2022-34773 | Tabit - HTTP Method manipulation — Tabit | 4.9 | Medium | 2022-08-22 |
| CVE-2022-34770 | Tabit - sensitive information disclosure — Tabit | 4.6 | Medium | 2022-08-22 |
| CVE-2022-34771 | Tabit - arbitrary SMS send on Tabits behalf — Tabit | 5.5 | Medium | 2022-08-22 |

This page lists every published CVE security advisory associated with Tabit. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.