Vulnerabilities > Outsystems > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-31 | CVE-2020-13639 | Cross-site Scripting vulnerability in Outsystems products A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. | 6.1 |
| 2020-11-30 | CVE-2020-29441 | Unrestricted Upload of File with Dangerous Type vulnerability in Outsystems 10 An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. | 6.5 |
| 2019-12-31 | CVE-2019-12273 | Cross-Site Request Forgery (CSRF) vulnerability in Outsystems OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. | 6.5 |