Vulnerabilities > Europeana > Repox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-6721 | Unspecified vulnerability in Europeana Repox 2.3.7 An XEE vulnerability has been found in Repox, which allows a remote attacker to interfere with the application's XML data processing in the fileupload function, resulting in interaction between the attacker and the server's file system. | 7.5 |
| 2023-12-13 | CVE-2023-6722 | Unspecified vulnerability in Europeana Repox 2.3.7 A path traversal vulnerability has been detected in Repox, which allows an attacker to read arbitrary files on the running server, resulting in a disclosure of sensitive information. | 7.5 |
| 2023-12-13 | CVE-2023-6718 | Missing Authentication for Critical Function vulnerability in Europeana Repox 2.3.7 An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users. | 7.5 |