Knowage@* Security Vulnerabilities and Issues — Knowage@* CVE List

Lucene search

EngKnowage*

4 matches found

CVE•added 2019/09/05 6:15 p.m.•72 views

CVE-2019-13188

In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the entire application.

9.8CVSS9.6AI score0.03701EPSS

CVE•added 2019/09/05 5:15 p.m.•61 views

CVE-2019-13190

In Knowage through 6.1.1, the sign up page does not invalidate a valid CAPTCHA token. This allows for CAPTCHA bypass in the signup page.

5.3CVSS5.3AI score0.0027EPSS

CVE•added 2019/08/28 4:15 p.m.•32 views

CVE-2019-13348

In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases.

8.8CVSS8.6AI score0.01173EPSS

CVE•added 2019/08/28 4:15 p.m.•28 views

CVE-2019-13189

In Knowage through 6.1.1, there is XSS via the start_url or user_id field to the ChangePwdServlet page.

6.1CVSS5.9AI score0.0021EPSS