Vulnerabilities > Inetsoftware > I NET Clear Reports

DATE CVE VULNERABILITY TITLE RISK
2021-03-09 CVE-2020-28150 Open Redirect vulnerability in Inetsoftware I-Net Clear Reports 20.10.136
I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect.
network
low complexity
inetsoftware CWE-601
6.1
6.1
2020-07-15 CVE-2020-12684 XXE vulnerability in Inetsoftware I-Net Clear Reports 19.0.287
XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser.
network
low complexity
inetsoftware CWE-611
critical
 9.8
9.8