Knovos: Security Vulnerabilities
An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obtain sensitive information via the /DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName component.
CVSS Score
6.5
EPSS Score
0.006
Published
2024-01-16
SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitrary code via the /DiscoveryProcess/Service/Admin.svc/getGridColumnStructure component.
CVSS Score
8.8
EPSS Score
0.11
Published
2024-01-16