Browse all 5 CVE security advisories affecting ctrlo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ctrlo provides workflow automation and process management solutions for IT operations. Historically, the product has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. Security researchers have identified authentication bypass weaknesses and insufficient input validation as recurring problems. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for organizations implementing the platform without proper hardening. The product's integration with system processes increases the potential impact of successful exploitation, particularly for privilege escalation flaws that could compromise entire infrastructure environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-4253 | ctrlo lenio Ticket Lenio.pm cross site scripting — lenioCWE-707 | 3.5 | Low | 2022-12-18 |
| CVE-2021-4254 | ctrlo lenio Notice main.tt cross site scripting — lenioCWE-707 | 3.5 | Low | 2022-12-18 |
| CVE-2021-4255 | ctrlo lenio contractor.tt cross site scripting — lenioCWE-707 | 3.5 | Low | 2022-12-18 |
| CVE-2021-4256 | ctrlo lenio index.tt cross site scripting — lenioCWE-707 | 3.5 | Low | 2022-12-18 |
| CVE-2021-4257 | ctrlo lenio Task task.tt cross site scripting — lenioCWE-707 | 3.5 | Low | 2022-12-18 |
This page lists every published CVE security advisory associated with ctrlo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.