Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Dundas Security Vulnerabilities

cve
cve

CVE-2018-18569

The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature. Th...

8.6CVSS

8.5AI Score

0.006EPSS

2019-02-11 09:29 PM
28
cve
cve

CVE-2020-28408

The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard.

5.4CVSS

5.2AI Score

0.001EPSS

2020-11-10 09:15 PM
15
cve
cve

CVE-2020-28409

The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc. occur.

5.4CVSS

5.2AI Score

0.001EPSS

2020-11-10 09:15 PM
20