Sage Xrt Business Exchange vulnerabilities
2 known vulnerabilities affecting sage/sage_xrt_business_exchange.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-34324P2HIGHCVSS 8.8v12.4.3022023-01-01
CVE-2022-34324 [HIGH] CWE-89 CVE-2022-34324: Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to in
Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.
nvd
CVE-2022-34323P4MEDIUMCVSS 5.4v12.4.3022023-01-01
CVE-2022-34323 [MEDIUM] CWE-79 CVE-2022-34323: Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to
Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to execute JavaScript code in the context of other users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Filters and Display model features (OnlineBanking > Web Monitoring > Settings > Filter
nvd