Skip to main content

Bonita Web

2 CVEs product

Monthly

CVE-2024-26542 MEDIUM POC This Month

Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Bonita Web
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-25237 CRITICAL POC THREAT Act Now

Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Bonita Web
NVD GitHub
CVSS 3.1
9.8
EPSS
56.2%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Bonita Web
NVD GitHub
EPSS 56% CVSS 9.8
CRITICAL POC THREAT Act Now

Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Bonita Web
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy