2 matches found
CVE-2022-32555
Unisys Data Exchange Management Studio is affected by CVE-2022-32555 due to the absence of an Anti‑CSRF token on POST requests, enabling potential CSRF. Affected versions are prior to 6.0.IC2 and 7.x prior to 7.0.IC1. Root cause: missing Anti‑CSRF protection. Impact: cross‑site forgery could perf...
CVE-2020-35542
CVE-2020-35542 affects Unisys Data Exchange Management Studio prior to or up to 5.0.34. The root cause is input not being sanitized/cleared from HTML document fields, enabling a cross-site scripting (XSS) vulnerability. Affected component: HTML input handling within the product’s UI; impact is us...