SysAid Server < 24.4.60 b16 Multiple Vulnerabilities

The version of SysAid Server installed on the remote host is prior to 24.4.60 b16. It is, therefore, affected multiple vulnerabilities, including the following: - SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Checkin processing...

CVE-2025-2776

SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...