Vulnerabilities > Squaredup > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-03 CVE-2024-45180 Cross-site Scripting vulnerability in Squaredup DS for Scom
SquaredUp DS for SCOM 6.2.1.11104 allows XSS.
network
low complexity
squaredup CWE-79
5.4
5.4
2023-02-23 CVE-2022-46784 Open Redirect vulnerability in Squaredup Dashboard Server
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection.
network
low complexity
squaredup CWE-601
6.1
6.1
2023-02-23 CVE-2022-46785 Cross-site Scripting vulnerability in Squaredup Dashboard Server
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 1 of 2).
network
low complexity
squaredup CWE-79
6.1
6.1
2023-02-23 CVE-2022-46786 Cross-site Scripting vulnerability in Squaredup Dashboard Server
SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows XSS (issue 2 of 2).
network
low complexity
squaredup CWE-79
5.4
5.4
2021-12-07 CVE-2021-40095 Unspecified vulnerability in Squaredup 4.6/5.2.1.6654
An issue was discovered in SquaredUp for SCOM 5.2.1.6654.
network
low complexity
squaredup
4.0
4.0
2021-02-03 CVE-2020-9390 Cross-site Scripting vulnerability in Squaredup
SquaredUp allowed Stored XSS before version 4.6.0.
network
low complexity
squaredup CWE-79
5.4
5.4
2021-02-03 CVE-2020-9389 Information Exposure Through Discrepancy vulnerability in Squaredup 4.6
A username enumeration issue was discovered in SquaredUp before version 4.6.0.
network
squaredup CWE-203
4.3
4.3
2021-02-03 CVE-2020-9388 Cross-Site Request Forgery (CSRF) vulnerability in Squaredup 4.6
CSRF protection was not present in SquaredUp before version 4.6.0.
network
low complexity
squaredup CWE-352
6.5
6.5