An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-07-17
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could exploit the vulnerable function in order to prepare an XSS payload to send to the product's clients.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-07-17