CVE-2025-46544

In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new users and roles...

Sherpa Orchestrator SQL注入漏洞

Sherpa Orchestrator is an IT management software from Sherpa for automating IT processes and workflow management. A security vulnerability exists in Sherpa Orchestrator version 141851, which stems from the possibility that an authenticated user could perform multiple blind time-based SQL injectio...

Sherpa Orchestrator 安全漏洞

Sherpa Orchestrator is an IT management software from Sherpa for automating IT processes and workflow management. A security vulnerability exists in Sherpa Orchestrator version 141851, which stems from the possibility that a low-privileged user could elevate privileges by creating new users and...

Sherpa Orchestrator 跨站脚本漏洞

Sherpa Orchestrator is an IT management software from Sherpa for automating IT processes and workflow management. A security vulnerability exists in Sherpa Orchestrator version 141851, which stems from the Add or Update License feature may lead to a stored cross-site scripting attack via the name...

Sherpa Orchestrator 跨站请求伪造漏洞

Sherpa Orchestrator is an IT management software from Sherpa for automating IT processes and workflow management. A security vulnerability exists in Sherpa Orchestrator version 141851 that stems from a lack of protection against CSRF attacks in the web application, which could lead to XSS attacks...