VYPR

Eramba Community edition

by Eramba

CVEs (2)

  • CVE-2023-36255HigAug 3, 2023
    risk 0.65cvss 8.8epss 0.57

    An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL.

  • CVE-2024-27593MedMay 15, 2024
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the Filter function of Eramba Version 3.22.3 Community Edition allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the filter name field. This vulnerability has been…