OBS
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-8262 | Cri | 0.64 | 9.8 | 0.01 | Mar 3, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Proliz Software OBS allows Path Traversal. This issue affects OBS: before 24.0927. | ||
| CVE-2024-8261 | Hig | 0.49 | 7.5 | 0.00 | Mar 3, 2025 | Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927. | ||
| CVE-2025-14347 | Med | 0.41 | 6.3 | 0.00 | Dec 17, 2025 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. OBS (Student Affairs Information System)0 allows Reflected XSS. This issue affects OBS (Student Affairs Information System)0: before 26.5009. | ||
| CVE-2023-1726 | Med | 0.35 | 5.4 | 0.00 | Apr 7, 2023 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user. This issue affects OBS: before 23.04.01. |
- risk 0.64cvss 9.8epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Proliz Software OBS allows Path Traversal. This issue affects OBS: before 24.0927.
- risk 0.49cvss 7.5epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927.
- risk 0.41cvss 6.3epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. OBS (Student Affairs Information System)0 allows Reflected XSS. This issue affects OBS (Student Affairs Information System)0: before 26.5009.
- risk 0.35cvss 5.4epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user. This issue affects OBS: before 23.04.01.