Vulnerabilities > Dundas > Dundas BI > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-11-10 CVE-2020-28409 Cross-site Scripting vulnerability in Dundas BI 5.0.1.1010/8.0.0.1001
The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc.
network
low complexity
dundas CWE-79
5.4
5.4
2020-11-10 CVE-2020-28408 Cross-site Scripting vulnerability in Dundas BI 5.0.1.1010/8.0.0.1001
The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard.
network
low complexity
dundas CWE-79
5.4
5.4