Vulnerabilities > Bladex > Springblade > 3.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-02 | CVE-2023-47458 | Missing Authorization vulnerability in Bladex Springblade 3.2.0/3.6.0/3.7.0 An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework. | 9.8 |
2023-09-19 | CVE-2023-40788 | Exposure of Resource to Wrong Sphere vulnerability in Bladex Springblade 3.2.0/3.6.0 SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs | 5.3 |
2022-05-05 | CVE-2022-27360 | SQL Injection vulnerability in Bladex Springblade 3.2.0 SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment. | 7.5 |