Progress: >> Telerik Reporting >> 18.1.24.514 Security Vulnerabilities
In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-02-12
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-10-09
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-10-09
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVSS Score
8.8
EPSS Score
0.021
Published
2024-10-09
In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVSS Score
8.8
EPSS Score
0.014
Published
2024-07-24