Vulnerabilities > Xpand IT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2023-27169 | Use of Hard-coded Credentials vulnerability in Xpand-It Write-Back Manager 2.3.1 Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation. | 6.5 |
| 2019-12-09 | CVE-2019-19679 | Cross-site Scripting vulnerability in Xpand-It Xray Test Mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test Issue. | 5.4 |
| 2019-12-09 | CVE-2019-19678 | Cross-site Scripting vulnerability in Xpand-It Xray Test Mangaement In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue. | 5.4 |