Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:25 a.m.7 views

CVE-2022-25370

Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...

5.4CVSS6.1AI score0.02009EPSS
Exploits0References1
OSV
OSV
added 2022/09/02 7:15 a.m.5 views

CVE-2022-25370

Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...

5.4CVSS5.8AI score0.02009EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/09/02 7:10 a.m.38 views

CVE-2022-25370 Unauth Stored XSS vulnerability in the Birt plugin of Apache OFBiz

Apache OFBiz uses the Birt plugin https://eclipse.github.io/birt-website/ to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt https://bugs.eclipse.org/bugs/showbug.cgi?id=538142, an unauthenticated malicious user...

5.5AI score0.02009EPSS
Exploits0References3
CVE
CVE
added 2022/09/02 7:10 a.m.66 views

CVE-2022-25370

Summary: CVE-2022-25370 affects Apache OFBiz versions 18.12.05 and earlier, due to a vulnerability in the Birt plugin (Birt issue 538142) that enables an unauthenticated stored XSS attack. The attack can inject and execute a payload via the stored XSS vector. Affected software/component: Apache O...

5.4CVSS5.3AI score0.02009EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder