← Back

Sandline

sandline

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Centraleyezer
centraleyezer
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-12311
1Sandline
1Centraleyezer
Jun 17, 2026
Nov 18, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the scrip...Show more
Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded.Show less
CVE-2019-12299
1Sandline
1Centraleyezer
Jun 17, 2026
Nov 18, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section.
CVE-2019-12271
1Sandline
1Centraleyezer
Jun 17, 2026
Nov 18, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the server side.