← Back

Topquadrant

topquadrant

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Topbraid Edg
topbraid_edg
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-45745
1Topquadrant
1Topbraid Edg
Sep 22, 2025
Sep 27, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML DTD file and execute JavaScript to read local files or access URLs (XXE). Fixed in 8.0.1 (bug fix: TBS-6721).
CVE-2024-45744
1Topquadrant
1Topbraid Edg
Oct 2, 2025
Sep 27, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.pro...Show more
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a separate vulnerability such as CVE-2024-45745. At least version 7.1.3 is affected. Version 7.3 adds HashiCorp Vault integration that does not store external passwords locally. Version 8.3.0 warns when using plain text secrets.Show less