Vulnerabilities > Easyvista

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2022-38489 Cross-site Scripting vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03 It is prone to stored Cross-site Scripting (XSS).
network
low complexity
easyvista CWE-79
5.4
2023-01-10 CVE-2022-38490 SQL Injection vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-89
8.8
2023-01-10 CVE-2022-38491 Improper Restriction of Excessive Authentication Attempts vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-307
7.5
2023-01-10 CVE-2022-38492 SQL Injection vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-89
8.8
2022-10-20 CVE-2021-33231 Cross-site Scripting vulnerability in Easyvista Service Manager 2018.1.181.1
Cross Site Scripting (XSS) vulnerability in New equipment page in EasyVista Service Manager 2018.1.181.1 allows remote attackers to run arbitrary code via the notes field.
network
low complexity
easyvista CWE-79
5.4