SARABAN for INFOMA
by SoftVibe
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38696 | 0.00 | — | 0.02 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||
| CVE-2021-38695 | 0.00 | — | 0.01 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form. | |||
| CVE-2021-38694 | 0.00 | — | 0.01 | Jan 18, 2022 | SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. |
- CVE-2021-38696Jan 18, 2022risk 0.00cvss —epss 0.02
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
- CVE-2021-38695Jan 18, 2022risk 0.00cvss —epss 0.01
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
- CVE-2021-38694Jan 18, 2022risk 0.00cvss —epss 0.01
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.