Vulnerabilities > Talend > Administration Center > 7.2.0

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-31648 Cross-site Scripting vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint.
network
low complexity
talend CWE-79
6.1
6.1
2022-05-04 CVE-2022-29942 Server-Side Request Forgery (SSRF) vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network.
network
low complexity
talend CWE-918
6.5
6.5
2022-05-04 CVE-2022-29943 XXE vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center has a vulnerability that allows an authenticated user to use XML External Entity (XXE) processing to achieve read access as root on the remote filesystem.
network
low complexity
talend CWE-611
6.5
6.5