Vulnerabilities > Bonitasoft

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-05	CVE-2020-36640	XXE vulnerability in Bonitasoft Webservice Connector A vulnerability, which was classified as problematic, was found in bonitasoft bonita-connector-webservice up to 1.3.0. network low complexity bonitasoft CWE-611 critical	9.8
2022-06-02	CVE-2022-25237	Unspecified vulnerability in Bonitasoft Bonita web 2021.2 Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. network low complexity bonitasoft critical	9.8
2018-02-28	CVE-2015-3898	Open Redirect vulnerability in Bonitasoft Bonita BPM Portal Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice. network bonitasoft CWE-601	5.8
2015-06-18	CVE-2015-3897	Path Traversal vulnerability in Bonitasoft Bonita BPM Portal Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. network low complexity bonitasoft CWE-22	5.0

Vulnerabilities > Bonitasoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bonitasoft"}]}