Vulnerabilities > Bssys > RBS BS Client Retail Client > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2014-4198 | Improper Authentication vulnerability in Bssys RBS Bs-Client. Retail Client 2.4/2.5 A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function. | 6.4 |
| 2020-01-03 | CVE-2014-10398 | Cross-site Scripting vulnerability in Bssys RBS Bs-Client. Retail Client 2.4/2.5 Multiple cross-site scripting (XSS) vulnerabilities in bsi.dll in Bank Soft Systems (BSS) RBS BS-Client. | 4.3 |