← Back

I Net Clear Reports

i-net_clear_reports

Vendor: Inetsoftware • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-28150
1Inetsoftware
1I Net Clear Reports
Nov 21, 2024
Mar 9, 2021
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect.
CVE-2020-12684
1Inetsoftware
1I Net Clear Reports
Nov 21, 2024
Jul 15, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML p...Show more
XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser.Show less