Icssolution: >> Ics Business Manager Security Vulnerabilities
A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing the application to malfunction.
CVSS Score
9.4
EPSS Score
0.001
Published
2023-11-13
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-11-13