Vulnerabilities > Opswat > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-19 CVE-2022-40778 Cross-site Scripting vulnerability in Opswat Metadefender
A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.
network
low complexity
opswat CWE-79
5.4
2022-06-08 CVE-2022-32273 Information Exposure Through Discrepancy vulnerability in Opswat Metadefender
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
network
low complexity
opswat CWE-203
4.3