Vulnerabilities > Inductiveautomation > Ignition > 7.9.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-38124 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-38121 | Cross-site Scripting vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. | 9.0 |
| 2024-05-03 | CVE-2023-38122 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. | 7.2 |
| 2024-05-03 | CVE-2023-38123 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. | 8.8 |
| 2022-08-05 | CVE-2022-1704 | Unspecified vulnerability in Inductiveautomation Ignition Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. | 9.8 |