Vulnerabilities > Sage > Syracuse

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2020-7389 OS Command Injection vulnerability in Sage Syracuse
Sage X3 System CHAINE Variable Script Command Injection.
network
low complexity
sage CWE-78
critical
 9.0
9.0
2021-07-22 CVE-2020-7390 Cross-site Scripting vulnerability in Sage Syracuse 12.0
Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile.
network
low complexity
sage CWE-79
5.4
5.4