Skip to main content

Outsystems

3 CVEs product

Monthly

CVE-2021-29357 HIGH This Week

The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Lifetime Management Console Outsystems Platform Server
NVD
CVSS 3.1
8.6
EPSS
1.0%
CVE-2020-29441 MEDIUM This Month

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Denial Of Service Outsystems
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2019-12273 MEDIUM POC This Month

OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Outsystems
NVD
CVSS 3.1
6.5
EPSS
0.5%
EPSS 1% CVSS 8.6
HIGH This Week

The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Lifetime Management Console Outsystems +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Denial Of Service Outsystems
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Outsystems
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy