Vulnerabilities > Tungstenautomation

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-5118 Cross-site Scripting vulnerability in Tungstenautomation Kofax Capture 11.0.0
The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated.
network
low complexity
tungstenautomation CWE-79
5.4