3 matches found
CVE-2021-29357
The CVE-2021-29357 issue is tied to OutSystems Platform Server’s ECT Provider component. Affected versions : OutSystems Platform Server 10 prior to 10.0.1104.0 and 11 prior to 11.9.0, as well as LifeTime management console prior to 11.7.0. Vulnerability : Server-side request forgery (SSRF) enable...
CVE-2020-13639
CVE-2020-13639 describes a stored XSS in OutSystems’ ECT Provider that affects generated applications. An unauthenticated attacker could store malicious Feedback content in /ECT_Provider/, leading to attacker‑controlled JavaScript executing in the administrator’s browser when viewed by admins. Re...
CVE-2025-61258
CVE-2025-61258 affects Outsystems Platform Server 11.18.1.37828. Multiple sources confirm a denial-of-service vulnerability caused by a mismatch between a crafted Content-Length value and the actual body length. The Red Hat and NVD entries, along with EUVD/CNNVD/CVE records, consistently describe...