Vulnerabilities (CVE)

Filtered by vendor Matrix42 Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19390 1 Matrix42 1 Workspace Management 2024-02-28 3.5 LOW 5.4 MEDIUM
The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues.
CVE-2019-19500 1 Matrix42 1 Workspace Management 2024-02-28 3.5 LOW 5.4 MEDIUM
Matrix42 Workspace Management 9.1.2.2765 and below allows stored XSS via unfiltered description parameters, as demonstrated by the comment field of a special order for individual software.
CVE-2013-2504 1 Matrix42 1 Service Store 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML via the query string.