4 matches found
Cross site scripting
Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. and fixed in v.9.0.2, 8.0.3, 7.15.7, 7.14.8 allows attackers to execute arbitrary code via a crafted payload to the Groups Display name field...
PT-2024-21418 · Bonitasoft · Bonitasoft
Name of the Vulnerable Software and Affected Versions: Bonitasoft, S.A versions prior to 7.14.8 Bonitasoft, S.A versions prior to 7.15.7 Bonitasoft, S.A versions prior to 8.0.3 Bonitasoft, S.A versions prior to 9.0.2 Description: The issue allows attackers to execute arbitrary code via a crafted...
CVE-2024-26542
Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. and fixed in v.9.0.2, 8.0.3, 7.15.7, 7.14.8 allows attackers to execute arbitrary code via a crafted payload to the Groups Display name field...
Bonitasoft Cross-Site Scripting Vulnerability
Bonitasoft is an open source BPM software from Bonitasoft. A cross-site scripting vulnerability exists in Bonitasoft version v.7.14, which originates from a vulnerability that allows an attacker to execute arbitrary scripts via the Groups Display name field using a crafted payload...