Bizagi: >> Business Process Management Suite >> 10.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite before 10.3 allows remote attackers to inject arbitrary web script or HTML via the txtUsername parameter.
CVSS Score
4.3
EPSS Score
0.005
Published
2014-05-22
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.
CVSS Score
6.5
EPSS Score
0.003
Published
2014-05-22