Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Moderate

CVE-2022-43939

Disclosure Date: April 03, 2023 (last updated October 08, 2023)
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. 
Attacker Value
High

CVE-2022-43769

Disclosure Date: April 03, 2023 (last updated October 08, 2023)
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.