Vulnerabilities > Outsystems

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-10	CVE-2022-47636	Uncontrolled Search Path Element vulnerability in Outsystems Service Studio 11.53.30 A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. local low complexity outsystems CWE-427	7.8
2021-08-31	CVE-2020-13639	Cross-site Scripting vulnerability in Outsystems products A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. network low complexity outsystems CWE-79	6.1
2021-04-12	CVE-2021-29357	Server-Side Request Forgery (SSRF) vulnerability in Outsystems products The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests. network low complexity outsystems CWE-918	8.6
2020-11-30	CVE-2020-29441	Unrestricted Upload of File with Dangerous Type vulnerability in Outsystems 10 An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. network low complexity outsystems CWE-434	6.5
2019-12-31	CVE-2019-12273	Cross-Site Request Forgery (CSRF) vulnerability in Outsystems OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. network low complexity outsystems CWE-352	6.5

Vulnerabilities > Outsystems {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Outsystems"}]}