Progress: >> Telerik Reporting >> 18.2.24.924 Security Vulnerabilities
In ProgressĀ® TelerikĀ® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-02-12
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-10-09