Vulnerabilities > Easyvista > Service Manager > 2022.1.109.0.03

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2022-38489 Cross-site Scripting vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03 It is prone to stored Cross-site Scripting (XSS).
network
low complexity
easyvista CWE-79
5.4
2023-01-10 CVE-2022-38490 SQL Injection vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-89
8.8
2023-01-10 CVE-2022-38491 Improper Restriction of Excessive Authentication Attempts vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-307
7.5
2023-01-10 CVE-2022-38492 SQL Injection vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-89
8.8