Vulnerabilities > Uipath

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-14	CVE-2021-44041	Externally Controlled Reference to a Resource in Another Sphere vulnerability in Uipath Assistant 21.4.4 UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argument of the URI handler for uipath-assistant://. network low complexity uipath CWE-610 critical	10.0
2021-12-14	CVE-2021-44042	Improper Encoding or Escaping of Output vulnerability in Uipath Assistant 21.4.4 An issue was discovered in UiPath Assistant 21.4.4. network low complexity uipath CWE-116	7.5
2021-12-14	CVE-2021-44043	Cross-site Scripting vulnerability in Uipath APP Studio 21.4.4 An issue was discovered in UiPath App Studio 21.4.4. network uipath CWE-79	3.5
2019-08-08	CVE-2018-19855	Improper Neutralization of Formula Elements in a CSV File vulnerability in Uipath Orchestrator UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features. network uipath CWE-1236	4.3
2019-04-11	CVE-2018-17305	Incorrect Permission Assignment for Critical Resource vulnerability in Uipath Orchestrator UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution. network low complexity uipath CWE-732	6.5

Vulnerabilities > Uipath {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Uipath"}]}