Bizagi BPM Suite

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2014-2948	Bizagi Bizagi BPM Suite		0.00	—	0.01		May 22, 2014	SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.
CVE-2014-2947	Bizagi Bizagi BPM Suite		0.00	—	0.01		May 22, 2014	Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite before 10.3 allows remote attackers to inject arbitrary web script or HTML via the txtUsername parameter.

CVE-2014-2948May 22, 2014
Bizagi
Bizagi BPM Suite
risk 0.00cvss —epss 0.01
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.
CVE-2014-2947May 22, 2014
Bizagi
Bizagi BPM Suite
risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite before 10.3 allows remote attackers to inject arbitrary web script or HTML via the txtUsername parameter.