Vulnerabilities > Sync

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-14	CVE-2023-26559	Path Traversal vulnerability in Sync Oxygen Content Fusion and Oxygen XML web Author A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. network low complexity sync CWE-22	5.3
2022-07-13	CVE-2021-46827	Cross-site Scripting vulnerability in Sync products An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. network low complexity sync CWE-79	6.1
2020-03-16	CVE-2019-20191	XXE vulnerability in Sync Oxygen XML Editor Oxygen XML Editor 21.1.1 allows XXE to read any file. network low complexity sync CWE-611	7.5

Vulnerabilities > Sync {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sync"}]}