Vulnerabilities > Opswat > Metadefender > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-19 | CVE-2022-40778 | Cross-site Scripting vulnerability in Opswat Metadefender A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response. | 5.4 |
| 2022-06-08 | CVE-2022-32273 | Information Exposure Through Discrepancy vulnerability in Opswat Metadefender As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | 4.3 |