Vulnerabilities (CVE)

Filtered by vendor Labkey
Filtered by product Labkey Server
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2019-9757 | 1 Labkey | 1 Labkey Server | 2019-11-01 | 5.0 MEDIUM | 7.5 HIGH | An issue was discovered in LabKey Server 19.1.0. Sending an SVG containing an XXE payload to the endpoint visualization-exportImage.view or visualization-exportPDF.view allows local files to be read. |
| CVE-2019-9926 | 1 Labkey | 1 Labkey Server | 2019-11-01 | 6.8 MEDIUM | 8.8 HIGH | An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability. |