An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp...
9.8CVSS
9.4AI Score
0.001EPSS
Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce...
9.1CVSS
8.9AI Score
0.001EPSS
Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName...
7.5CVSS
7.5AI Score
0.0005EPSS
Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and...
6.5CVSS
6.4AI Score
0.001EPSS
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test...
5.4CVSS
5AI Score
0.001EPSS
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the Pre-Condition Summary entry point via the summary field of a Create Pre-Condition action for a new Test...
5.4CVSS
5AI Score
0.001EPSS