Vulnerabilities > Gxsoftware > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-26 CVE-2022-43710 Cross-Site Request Forgery (CSRF) vulnerability in Gxsoftware Xperiencentral
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
network
low complexity
gxsoftware CWE-352
8.8
8.8
2023-07-26 CVE-2022-43713 Improper Input Validation vulnerability in Gxsoftware Xperiencentral
Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed.
network
low complexity
gxsoftware CWE-20
7.5
7.5