Unisys: >> Data Exchange Management Studio Security Vulnerabilities
Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-09-13
Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-04-27