Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HSage X3
APPSage12.14.0.50-0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Powiązane podatności
CVE-2020-7388CRITICAL10.0ten sam produkt
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the clie...
CVE-2023-31868MEDIUM5.4ten sam produkt
Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application ar...
CVE-2020-7387MEDIUM5.3ten sam produkt
Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.ex...
CVE-2020-7389MEDIUM5.5ten sam produkt
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass ...
CVE-2020-7390MEDIUM4.6ten sam produkt
Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings th...