2 matches found
CVE-2020-28150
CVE-2020-28150 affects I-Net Software Clear Reports 20.10.136 Web application. The vulnerability arises because a user-controlled input is used to specify a link to an external site and is subsequently used in a Redirect, enabling possible open-redirect behavior. Root cause: untrusted input used ...
CVE-2020-12684
CVE-2020-12684 describes an XML External Entity (XXE) injection in i-net Clear Reports 2019, version 19.0.287 (Designer), used with i-net HelpDesk and related products. The vulnerability arises when XML input containing a reference to an external entity is processed by a weakly configured XML par...