Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.
7.7CVSS
7.4AI Score
0.001EPSS
Due to improper restriction, attackers could retrieve and read system files of the underlying server through the XML interface.
9.9CVSS
7.4AI Score
0.001EPSS
Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.
9.9CVSS
9.6AI Score
0.001EPSS