Vulnerabilities > BMC > Remedy Smart Reporting > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-04 | CVE-2019-11216 | Unrestricted Upload of File with Dangerous Type vulnerability in BMC Remedy Smart Reporting BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. | 6.5 |
| 2019-07-26 | CVE-2019-1010147 | Cross-site Scripting vulnerability in multiple products Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation. | 5.4 |