2 matches found
CVE-2021-42777
CVE-2021-42777 affects Stimulsoft (Stimulsoft Reports) version 2013.1.1600.0; when Compilation Mode is enabled, it allows an attacker to execute arbitrary C# code on any machine rendering a report (server or client) via System.Diagnostics.Process.Start. The vulnerability is a code-execution risk ...
CVE-2020-15865
CVE-2020-15865 affects Stimulsoft Reports (2013.1.1600.0). A vulnerability lets an attacker encode C# scripts as base-64 in the report XML, causing them to be compiled and executed on the server that processes the file, potentially yielding full server compromise. CVSSv3.1 metrics: AV:N/AC:L/PR:N...