Vulnerabilities > ENG > Knowage > 7.3.0

DATE CVE VULNERABILITY TITLE RISK
2021-04-05 CVE-2021-30057 Injection vulnerability in ENG Knowage
A stored HTML injection vulnerability exists in Knowage Suite version 7.1.
network
low complexity
eng CWE-74
4.8
4.8
2021-04-05 CVE-2021-30056 Cross-site Scripting vulnerability in ENG Knowage
Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS).
network
low complexity
eng CWE-79
5.4
5.4
2021-04-05 CVE-2021-30055 SQL Injection vulnerability in ENG Knowage
A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report.
network
low complexity
eng CWE-89
8.8
8.8