Vulnerabilities > Openwfe > Work Flow Engine > 1.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-10-25 | CVE-2004-1631 | Remote Cross-Site Scripting And Connection Proxy vulnerability in OpenWFE Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results. | 5.0 |
2004-10-25 | CVE-2004-1630 | Remote Cross-Site Scripting And Connection Proxy vulnerability in OpenWFE Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter. network openwfe | 4.3 |