trueconf
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting trueconf.
- CVE-2026-3502TrueConf Client Update Integrity Verification BypassKEV7.8
- CVE-2025-66835TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context.7.1
- CVE-2025-66823An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conference description field allows an attacker to inject arbitrary HTML in the Create/Edit conference functionality. The paylo...5.4
- CVE-2025-66834A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name.7.3
- CVE-2025-66824A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored vi...8.7
- CVE-2022-46764A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote co...9.8
- CVE-2022-46763A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows a low-privileged database user to execute arbitrary SQL commands as the database adm...8.8
- CVE-2017-20120TrueConf Server cross-site request forgery4.3
- CVE-2017-20119TrueConf Server change-lang redirect3.5
- CVE-2017-20118TrueConf Server DOM cross site scripting3.5
- CVE-2017-20117TrueConf Server group DOM cross site scripting3.5
- CVE-2017-20116TrueConf Server Reflected cross site scripting3.5
- CVE-2017-20115TrueConf Server Reflected cross site scripting3.5
- CVE-2017-20114TrueConf Server Reflected cross site scripting3.5
- CVE-2017-20113TrueConf Server Stored cross site scripting3.5