Vulnerabilities > Bonitasoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-05 | CVE-2020-36640 | XXE vulnerability in Bonitasoft Webservice Connector A vulnerability, which was classified as problematic, was found in bonitasoft bonita-connector-webservice up to 1.3.0. | 9.8 |
| 2022-06-02 | CVE-2022-25237 | Unspecified vulnerability in Bonitasoft Bonita web 2021.2 Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. | 9.8 |