Vulnerabilities > ENG > Knowage > 6.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2023-38702 | Path Traversal vulnerability in ENG Knowage Knowage is an open source analytics and business intelligence suite. | 8.8 |
| 2023-07-14 | CVE-2023-37472 | SQL Injection vulnerability in ENG Knowage Knowage is an open source suite for business analytics. | 6.5 |
| 2023-07-03 | CVE-2023-36819 | Path Traversal vulnerability in ENG Knowage Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. | 6.5 |
| 2023-06-23 | CVE-2023-35154 | Improper Authentication vulnerability in ENG Knowage Knowage is an open source analytics and business intelligence suite. | 6.5 |
| 2022-10-13 | CVE-2022-39295 | Cross-site Scripting vulnerability in ENG Knowage Knowage is an open source suite for modern business analytics alternative over big data systems. | 6.1 |
| 2021-04-05 | CVE-2021-30058 | Cross-site Scripting vulnerability in ENG Knowage Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). | 4.3 |
| 2021-04-05 | CVE-2021-30057 | Injection vulnerability in ENG Knowage A stored HTML injection vulnerability exists in Knowage Suite version 7.1. | 3.5 |
| 2021-04-05 | CVE-2021-30056 | Cross-site Scripting vulnerability in ENG Knowage Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). | 3.5 |
| 2021-04-05 | CVE-2021-30055 | SQL Injection vulnerability in ENG Knowage A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report. | 6.5 |
| 2019-09-05 | CVE-2019-13188 | Improper Authentication vulnerability in ENG Knowage In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application. | 5.0 |