Intellect Core Banking

intellect_core_banking

Vendor: Polarisft • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-14931 1Polarisft 1Intellect Core Banking Nov 21, 2024 Apr 30, 2019 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. An open redirect exists via a /IntellectMain.jsp?IntellectSystem= URI.
CVE-2018-14930 1Polarisft 1Intellect Core Banking Nov 21, 2024 Apr 30, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. CSRF can occur via a /CollatWebApp/gcmsRefInsert?name=SUPP URI.
CVE-2018-14875 1Polarisft 1Intellect Core Banking Nov 21, 2024 Apr 30, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter.
CVE-2018-14874 1Polarisft 1Intellect Core Banking Nov 21, 2024 Apr 30, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refb...Show more An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. Input passed through the code parameter in three pages as collaterals/colexe3t.jsp and /references/refsuppu.jsp and /references/refbranu.jsp is mishandled before being used in SQL queries, allowing SQL injection with an authenticated session.Show less