Vulnerabilities > Bloomreach

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2020-14989 Cross-Site Request Forgery (CSRF) vulnerability in Bloomreach Experience Manager
An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2.
4.3
2021-03-11 CVE-2020-14988 Cross-site Scripting vulnerability in Bloomreach Experience Manager
An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2.
network
bloomreach CWE-79
3.5
2021-03-11 CVE-2020-14987 Incorrect Permission Assignment for Critical Resource vulnerability in Bloomreach Experience Manager
An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2.
network
low complexity
bloomreach CWE-732
critical
9.0