Reprise License Manager Security Vulnerabilities and Issues — Reprise License Manager CVE List

Lucene search

ReprisesoftwareReprise License Manager

6 matches found

CVE•added 2022/04/09 5:15 p.m.•74 views

CVE-2022-28363

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.

6.1CVSS6AI score0.1739EPSS

CVE•added 2022/12/29 11:15 p.m.•50 views

CVE-2022-30519

XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password field.

6.1CVSS6.3AI score0.00355EPSS

CVE•added 2022/01/13 7:15 p.m.•48 views

CVE-2021-45422

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET. No authentication is required.

6.1CVSS6.1AI score0.11594EPSS

CVE•added 2023/01/20 12:15 p.m.•42 views

CVE-2021-37499

CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.

6.5CVSS6.6AI score0.00142EPSS

CVE•added 2023/01/20 12:15 p.m.•38 views

CVE-2021-37498

An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function.

6.5CVSS6.5AI score0.0013EPSS

CVE•added 2018/08/20 2:29 a.m.•37 views

CVE-2018-15574

An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability."

6.1CVSS6AI score0.00328EPSS