Vantara Pentaho Security Vulnerabilities and Issues — Vantara Pentaho CVE List

Lucene search

HitachiVantara Pentaho

4 matches found

CVE•added 2021/01/29 7:15 p.m.•127 views

CVE-2020-24670

The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'type' attribute of 'dashboardXml' parameter. Remed...

5.4CVSS5.7AI score0.00209EPSS

CVE•added 2021/01/29 7:15 p.m.•58 views

CVE-2020-24669

The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'Analysis Report Description' field in 'About th...

5.4CVSS5.7AI score0.00209EPSS

CVE•added 2021/01/29 7:15 p.m.•56 views

CVE-2020-24666

The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'Display Name' parameter. Remediated in >= 9.1.0.1

5.4CVSS5.6AI score0.00209EPSS

CVE•added 2021/01/29 7:15 p.m.•50 views

CVE-2020-24664

The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'pho:title' attribute of 'dashboardXml' parameter. ...

5.4CVSS5.7AI score0.00209EPSS