Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2022-34834

Disclosure Date: October 27, 2023 (last updated November 08, 2023)
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-34833

Disclosure Date: October 27, 2023 (last updated November 08, 2023)
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-34832

Disclosure Date: October 27, 2023 (last updated November 08, 2023)
An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0