Vulnerabilities > Ozeki > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2020-14030 | Deserialization of Untrusted Data vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 6.5 |
| 2020-09-22 | CVE-2020-14025 | Cross-Site Request Forgery (CSRF) vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. | 6.8 |
| 2020-09-22 | CVE-2020-14024 | Cross-site Scripting vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuration, or (4) any GET Parameter in the /default URL of the application. | 4.3 |
| 2020-09-22 | CVE-2020-14023 | Server-Side Request Forgery (SSRF) vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. | 4.0 |
| 2020-09-18 | CVE-2020-14029 | XXE vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 5.0 |
| 2020-09-18 | CVE-2020-14021 | Unspecified vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 4.0 |