Vulnerabilities > Sysaid > Sysaid ON Premises
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-30 | CVE-2023-32225 | Unrestricted Upload of File with Dangerous Type vulnerability in Sysaid On-Premises Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method. | 7.2 |
| 2023-07-30 | CVE-2023-32226 | Files or Directories Accessible to External Parties vulnerability in Sysaid On-Premises Sysaid - CWE-552: Files or Directories Accessible to External Parties - Authenticated users may exfiltrate files from the server via an unspecified method. | 6.5 |
| 2020-10-02 | CVE-2020-13168 | Cross-site Scripting vulnerability in Sysaid On-Premises and Sysaidsy On-Premises SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter. | 6.1 |