Vulnerabilities > Sage > Sage XRT Business Exchange

DATE CVE VULNERABILITY TITLE RISK
2023-01-01 CVE-2022-34323 Cross-site Scripting vulnerability in Sage XRT Business Exchange 12.4.302
Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to execute JavaScript code in the context of other users' browsers.
network
low complexity
sage CWE-79
5.4
2023-01-01 CVE-2022-34324 SQL Injection vulnerability in Sage XRT Business Exchange 12.4.302
Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.
network
low complexity
sage CWE-89
8.8