CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Prion•added 2023/10/12 8:15 p.m.•13 views

Cross site scripting

An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that is displayed by...

5.8CVSS6AI score0.00131EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/12 7:0 p.m.•13 views

CVE-2023-5562 Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub

6.1CVSS6.3AI score0.00131EPSS

Exploits0References1

Vulnrichment•added 2023/10/12 7:0 p.m.•14 views

CVE-2023-5562 Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub

6.1CVSS6.3AI score0.00131EPSS

Exploits0References1

CVE•added 2023/10/12 7:0 p.m.•49 views

CVE-2023-5562

KNIME Analytics Platform before 5.2.0 is vulnerable to cross-site scripting when used as an executor for KNIME Server or KNIME Business Hub. The root cause is an unsafe default configuration where JavaScript-based view nodes do not sanitize data by default, allowing inline JavaScript to run in th...

6.1CVSS6.1AI score0.00131EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by