Ni G Web Development Software vulnerabilities

CVE-2024-12742 [HIGH] CWE-502 CVE-2024-12742: A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may r A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects G Web Development Software 2022 Q3 and prior versions.

CVE-2022-27237 [MEDIUM] CWE-79 CVE-2022-27237: There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with sev There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. Depending on the product(s) in use, remediation guidance includes: install SystemLink version 2021 R3 or later, install FlexLogger 2022 Q2 or later, install LabVIEW 2021 SP1, install G Web Development 2022 R1 or later, or install Stat