Vulnerabilities (CVE)

Filtered by vendor Sfs Subscribe
Filtered by product Winsure
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-7098 1 Sfs 1 Winsure 2024-09-20 N/A 9.8 CRITICAL
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
CVE-2024-7104 1 Sfs 1 Winsure 2024-09-20 N/A 9.8 CRITICAL
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2.