Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page.
6.1CVSS
5.9AI Score
0.001EPSS
SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
9.8CVSS
9.7AI Score
0.01EPSS
7.5CVSS
7.5AI Score
0.002EPSS