Spagobi@* Security Vulnerabilities and Issues — Spagobi@* CVE List

Lucene search

EngSpagobi*

4 matches found

CVE•added 2019/11/22 7:15 p.m.•110 views

CVE-2013-6234

Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, aka "XSS File Upload."

8CVSS7.8AI score0.02181EPSS

CVE•added 2020/01/10 2:15 p.m.•56 views

CVE-2013-6231

SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script

9CVSS8.6AI score0.35652EPSS

CVE•added 2014/03/09 1:16 p.m.•40 views

CVE-2013-6232

Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via a document note in the execution page.

3.5CVSS5.3AI score0.01019EPSS

CVE•added 2014/03/09 1:16 p.m.•30 views

CVE-2013-6233

Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the "Short document metadata."

4.3CVSS5.2AI score0.05635EPSS