Vulnerabilities > Nintex

DATE CVE VULNERABILITY TITLE RISK
2022-11-14 CVE-2022-38167 Cross-site Scripting vulnerability in Nintex Workflow 5.2.2.30
The Nintex Workflow plugin 5.2.2.30 for SharePoint allows XSS.
network
low complexity
nintex CWE-79
6.1
2015-10-21 CVE-2015-7299 SQL Injection vulnerability in Nintex K2 Blackpearl, K2 for Sharepoint and K2 Smartforms
SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.
network
low complexity
nintex CWE-89
7.5