An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component.
6.5CVSS
6.4AI Score
0.0005EPSS
An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component.
5.4CVSS
5.2AI Score
0.0004EPSS
An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log.
4.8CVSS
5AI Score
0.0004EPSS