Vulnerabilities > Tungstenautomation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2023-5118 | Cross-site Scripting vulnerability in Tungstenautomation Kofax Capture 11.0.0 The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. | 5.4 |