Vulnerabilities > Xpand IT > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2023-27168 | Unrestricted Upload of File with Dangerous Type vulnerability in Xpand-It Write-Back Manager 2.3.1 An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file. | 9.8 |
| 2023-12-20 | CVE-2023-27172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Xpand-It Write-Back Manager 2.3.1 Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. | 9.1 |