← Back

Bonita Bpm Portal

bonita_bpm_portal

Vendor: Bonitasoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-3898
1Bonitasoft
1Bonita Bpm Portal
Nov 21, 2024
Feb 28, 2018
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1)...Show more
Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.Show less
CVE-2015-3897
1Bonitasoft
1Bonita Bpm Portal
May 6, 2026
Jun 18, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/the...Show more
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.Show less