Vulnerabilities > Osisoft > PI Vision > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-18 | CVE-2020-25163 | Cross-site Scripting vulnerability in Osisoft PI Vision 2017/2019 A remote attacker with write access to PI ProcessBook files could inject code that is imported into OSIsoft PI Vision 2020 versions prior to 3.5.0. | 4.9 |
| 2022-04-18 | CVE-2020-25167 | Incorrect Authorization vulnerability in Osisoft PI Vision OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with insufficient privileges for an AF attribute. | 4.0 |
| 2021-11-17 | CVE-2021-43553 | Incorrect Authorization vulnerability in Osisoft PI Vision 2017/2019 PI Vision could disclose information to a user with insufficient privileges for an AF attribute that is the child of another attribute and is configured as a Limits property. | 4.0 |
| 2020-01-15 | CVE-2019-18275 | Unspecified vulnerability in Osisoft PI Vision 2017/2019 OSIsoft PI Vision, All versions of PI Vision prior to 2019. | 4.0 |
| 2020-01-15 | CVE-2019-18271 | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Vision 2017 OSIsoft PI Vision, All versions of PI Vision prior to 2019. | 6.8 |
| 2018-03-14 | CVE-2018-7508 | Cross-site Scripting vulnerability in Osisoft PI Vision and PI web API A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. | 4.3 |
| 2018-03-14 | CVE-2018-7504 | Cross-site Scripting vulnerability in Osisoft PI Vision 2017 A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 4.3 |
| 2018-03-14 | CVE-2018-7496 | Information Exposure vulnerability in Osisoft PI Vision 2017 An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. | 5.0 |