2 matches found
CVE-2022-36121
Blue Prism Enterprise 6.0–7.01 is affected by a vulnerability that exists when the Blue Prism Application server is misconfigured, allowing an authenticated user to reverse engineer the software and bypass access controls on the UpdateOfflineHelpData function. This enables changing the offline he...
CVE-2022-36120
CVE-2022-36120 affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment exposing the Blue Prism Application server, an authenticated user with low/no privileges can abuse the getChartData admin function to bypass access controls and cause the server to execute any MSSQL stored proce...