Softvibe: >> Saraban Security Vulnerabilities
SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-01-18
SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-01-18
SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-01-18
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-18