Vulnerabilities > Matera > Banco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-03 | CVE-2018-14929 | Cross-site Scripting vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp (aka home page) url parameter. | 6.1 |
| 2018-08-03 | CVE-2018-14927 | Path Traversal vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp. | 5.3 |
| 2018-08-03 | CVE-2018-14924 | Cross-site Scripting vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" (aka user fullname) field. | 6.1 |