Vulnerabilities > BMC > Remedy Smart Reporting > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-04 CVE-2019-11216 Unrestricted Upload of File with Dangerous Type vulnerability in BMC Remedy Smart Reporting
BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality.
network
low complexity
bmc CWE-434
6.5
2019-07-26 CVE-2019-1010147 Cross-site Scripting vulnerability in multiple products
Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation.
network
low complexity
yellowfinbi bmc CWE-79
5.4