VYPR

DAM

by OpenAsset

CVEs (2)

  • CVE-2020-28860HigDec 14, 2020
    risk 0.57cvss 8.8epss 0.02

    OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection.

  • CVE-2020-28857MedDec 14, 2020
    risk 0.40cvss 6.1epss 0.02

    OpenAsset Digital Asset Management (DAM) through 12.0.19, does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks.