Vulnerabilities > Xerox > Xmpie Ustore > 12.3.7244.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2022-23321 | Cross-site Scripting vulnerability in Xerox Xmpie Ustore 12.3.7244.0 A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0. | 4.8 |
| 2022-02-07 | CVE-2022-23320 | Improper Authentication vulnerability in Xerox Xmpie Ustore 12.3.7244.0 XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. | 7.5 |