VYPR
Vendor

Axelor

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2025-50341CriAug 4, 2025
    risk 0.64cvss 9.8epss 0.00

    A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain parameter. An attacker can manipulate the SQL query logic and determine true/false conditions, potentially leading to data exposure or further exploitation.

  • CVE-2022-25138MedMar 3, 2022
    risk 0.35cvss 5.4epss 0.01

    Axelor Open Suite v5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Name parameter.