PT-2023-13359 · Sage · Sage Xrt Business Exchange

Name of the Vulnerable Software and Affected Versions: Sage XRT Business Exchange version 12.4.302 Description: The issue allows an authenticated attacker to inject malicious data in SQL queries, specifically in the following areas: Add Currencies, Payment Order, and Transfer History...

PT-2023-13358 · Sage · Sage Xrt Business Exchange

Name of the Vulnerable Software and Affected Versions: Sage XRT Business Exchange version 12.4.302 Description: Multiple XSS issues were discovered in Sage XRT Business Exchange that allow an attacker to execute JavaScript code in the context of other users' browsers. The attacker needs to be...

Sage XRT Business Exchange 跨站脚本漏洞

Sage XRT Business Exchange is part of the Sage suite of applications from Sage UK. A security vulnerability exists in Sage XRT Business Exchange version 12.4.302 that stems from the presence of stored XSS, which allows an attacker to execute JavaScript code in the context of another user's browse...