VYPR

OutSystems

by OutSystems

CVEs (2)

  • CVE-2019-12273MedDec 31, 2019
    risk 0.42cvss 6.5epss 0.00

    OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: The product is self-hosted by the customer, even though it has a *.outsystemsenterprise.com domain name.) NOTE: The vendor claims that the independent…

  • CVE-2020-13639MedAug 31, 2021
    risk 0.40cvss 6.1epss 0.01

    A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store malicious Feedback content into /ECT_Provider/, such that when the content is…