Knowage Security Vulnerabilities - CVSS Score 9 - 10

CVE-2019-13188

In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application.

CVE-2023-38702

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to be...