Vulnerabilities > Treasuryxpress
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-20 | CVE-2019-20152 | Cross-site Scripting vulnerability in Treasuryxpress 19191105 An XSS issue was discovered in TreasuryXpress 19191105. | 4.3 |
| 2020-08-20 | CVE-2019-20151 | Cross-site Scripting vulnerability in Treasuryxpress 19191105 An XSS issue was discovered in TreasuryXpress 19191105. | 4.3 |
| 2020-08-20 | CVE-2019-20150 | Insufficiently Protected Credentials vulnerability in Treasuryxpress 19191105 In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hides them. | 4.0 |
| 2017-01-23 | CVE-2015-4626 | Numeric Errors vulnerability in Treasuryxpress C2Box B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft. | 5.0 |