Nintex Automation
by Nintex
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-27926 | 0.00 | — | 0.00 | Mar 10, 2025 | In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users. | |||
| CVE-2025-27924 | 0.00 | — | 0.00 | Mar 10, 2025 | Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action. | |||
| CVE-2025-27925 | 0.00 | — | 0.00 | Mar 10, 2025 | Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. |
- CVE-2025-27926Mar 10, 2025risk 0.00cvss —epss 0.00
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
- CVE-2025-27924Mar 10, 2025risk 0.00cvss —epss 0.00
Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action.
- CVE-2025-27925Mar 10, 2025risk 0.00cvss —epss 0.00
Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.