Vulnerabilities in factionsecurity
5 resultsCVE-2025-66022CRITICALFACTION Unauthenticated Custom Extension Upload leads to RCEEPSS 0.6%CVE-2025-27422HIGHFACTION Allows Authentication Bypass via User CreationEPSS 0.4%CVE-2026-44668CRITICALFaction: Unauthenticated Read, Modify, and Delete of Boilerplate TemplatesEPSS 0.4%CVE-2026-44669HIGHFaction: Stored XSS in Assessment Attachment Filename Preview RenderingEPSS 0.2%CVE-2026-44667HIGHFaction: Stored XSS in Remediation Verification Attachment Filename Preview RenderingEPSS 0.2%