CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Unisys 1Data Exchange Management Studio Jun 17, 2026 Sep 13, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur. |
1Unisys 1Data Exchange Management Studio Jun 17, 2026 Apr 27, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack. |