Vulnerabilities > RWS

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-18	CVE-2024-43024	Cross-site Scripting vulnerability in RWS Multitrans Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity rws CWE-79	6.1
2024-09-18	CVE-2024-43025	Cross-site Scripting vulnerability in RWS Multitrans An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to alter the HTML-layout and possibly execute a phishing attack via a crafted payload injected into a sent e-mail. network low complexity rws CWE-79	6.1
2023-12-25	CVE-2022-34267	Improper Authentication vulnerability in RWS Worldserver An issue was discovered in RWS WorldServer before 11.7.3. network low complexity rws CWE-287 critical	9.8
2023-12-25	CVE-2022-34268	Deserialization of Untrusted Data vulnerability in RWS Worldserver An issue was discovered in RWS WorldServer before 11.7.3. network low complexity rws CWE-502 critical	9.8
2023-08-01	CVE-2023-38357	Insufficient Entropy vulnerability in RWS Worldserver 11.7.3 Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions. network low complexity rws CWE-331	5.3

Vulnerabilities > RWS {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"RWS"}]}