7.5CVSS
7.8AI Score
0.002EPSS
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
5.4CVSS
5.2AI Score
0.001EPSS
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
7.5CVSS
7.5AI Score
0.004EPSS
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
9.8CVSS
9.8AI Score
0.005EPSS