Eng Knowage vulnerabilities
22 known vulnerabilities affecting eng/knowage.
Total CVEs
22
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3MEDIUM16
Vulnerabilities
Page 2 of 2
CVE-2021-30056P4MEDIUMCVSS 5.4fixed in 7.42021-04-05
CVE-2021-30056 [MEDIUM] CWE-79 CVE-2021-30056: Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inje
Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
nvd
CVE-2021-30057P4MEDIUMCVSS 4.8fixed in 7.42021-04-05
CVE-2021-30057 [MEDIUM] CWE-74 CVE-2021-30057: A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject ar
A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
nvd
← Previous2 / 2