Sysaid: >> Sysaid On-Premises Security Vulnerabilities
Sysaid - CWE-552: Files or Directories Accessible to External Parties -
Authenticated users may exfiltrate files from the server via an unspecified method.
CVSS Score
8.3
EPSS Score
0.001
Published
2023-07-30
Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type -
A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-07-30
SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.
CVSS Score
6.1
EPSS Score
0.005
Published
2020-10-02