Ordat: >> Ordat.erp Security Vulnerabilities
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-09-12
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-09-12
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-09-12