Vulnerabilities > Universis

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-18	CVE-2022-28924	Exposure of Resource to Wrong Sphere vulnerability in Universis Universis-Students An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/. network low complexity universis CWE-668	6.5
2022-04-25	CVE-2022-29603	SQL Injection vulnerability in Universis Universis-Api A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. network low complexity universis CWE-89	8.1

Vulnerabilities > Universis {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Universis"}]}