Sas: >> Web Infrastructure Platform >> 9.4 Security Vulnerabilities
Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-01-17
SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
CVSS Score
9.8
EPSS Score
0.043
Published
2019-01-17
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-01-17