Vulnerabilities > Tungstenautomation > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2024-9758 Out-of-bounds Read vulnerability in Tungstenautomation Power PDF
Tungsten Automation Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability.
network
low complexity
tungstenautomation CWE-125
4.3
2024-01-11 CVE-2023-5118 Cross-site Scripting vulnerability in Tungstenautomation Kofax Capture 11.0.0
The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated.
network
low complexity
tungstenautomation CWE-79
5.4