Skip to main content

Administration Center

3 CVEs product

Monthly

CVE-2022-31648 MEDIUM This Month

Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Administration Center
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-29943 MEDIUM This Month

Talend Administration Center has a vulnerability that allows an authenticated user to use XML External Entity (XXE) processing to achieve read access as root on the remote filesystem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Administration Center
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-29942 MEDIUM This Month

Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Administration Center
NVD
CVSS 3.1
6.5
EPSS
0.6%
EPSS 1% CVSS 6.1
MEDIUM This Month

Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Administration Center
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Talend Administration Center has a vulnerability that allows an authenticated user to use XML External Entity (XXE) processing to achieve read access as root on the remote filesystem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Administration Center
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Administration Center
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy