Vulnerabilities > Progress > Moveit Transfer > 2023.1.1

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2024-0396 Unspecified vulnerability in Progress Moveit Transfer
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11), 2023.0.8 (15.0.8), 2023.1.3 (15.1.3), an input validation issue was discovered.
network
low complexity
progress
7.1
7.1
2023-11-29 CVE-2023-6217 Cross-site Scripting vulnerability in Progress Moveit Transfer
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a reflected cross-site scripting (XSS) vulnerability has been identified when MOVEit Gateway is used in conjunction with MOVEit Transfer.  An attacker could craft a malicious payload targeting the system which comprises a MOVEit Gateway and MOVEit Transfer deployment.
network
low complexity
progress CWE-79
6.1
6.1
2023-11-29 CVE-2023-6218 Improper Privilege Management vulnerability in Progress Moveit Transfer
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified.  It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator.
network
low complexity
progress CWE-269
7.2
7.2