Sage ≫ Sage Xrt Business Exchange

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

5.4

CVE-2022-34323

Exploit

EPSS 0.14%
Published 01.01.2023 08:15:10
Last modified 11.04.2025 14:15:20

Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to execute JavaScript code in the context of other users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is...

8.8

CVE-2022-34324

Exploit

EPSS 6.04%
Published 01.01.2023 08:15:10
Last modified 11.04.2025 14:15:20

Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.