Vulnerabilities > Talend > Administration Center > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2022-30332 Information Exposure Through Discrepancy vulnerability in Talend Administration Center 7.3.1
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account.
network
low complexity
talend CWE-203
5.3
2022-05-26 CVE-2022-31648 Cross-site Scripting vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint.
network
talend CWE-79
4.3
2022-05-04 CVE-2022-29942 Server-Side Request Forgery (SSRF) vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network.
network
low complexity
talend CWE-918
4.0
2022-05-04 CVE-2022-29943 XXE vulnerability in Talend Administration Center 7.2.0/7.3.0/8.0.0
Talend Administration Center has a vulnerability that allows an authenticated user to use XML External Entity (XXE) processing to achieve read access as root on the remote filesystem.
network
low complexity
talend CWE-611
6.8