Vulnerabilities (CVE)

Filtered by vendor Halvotec Subscribe

Filtered by product Raquest

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-19612	1 Halvotec	1 Raquest	2020-06-25	3.5 LOW	5.4 MEDIUM
An issue was discovered in Halvotec RaQuest 10.23.10801.0. Several features of the application allow stored Cross-site Scripting (XSS). Fixed in Release 24.2020.20608.0.
CVE-2019-19613	1 Halvotec	1 Raquest	2020-06-25	4.3 MEDIUM	5.2 MEDIUM
An issue was discovered in Halvotec RaQuest 10.23.10801.0. The login page of the admin application is vulnerable to an Open Redirect attack allowing an attacker to redirect a user to a malicious site after authentication. The attacker needs to be on the same network to modify the victim's request on the wire. Fixed in Release 24.2020.20608.0
CVE-2019-19610	1 Halvotec	1 Raquest	2020-06-25	5.8 MEDIUM	5.4 MEDIUM
An issue was discovered in Halvotec RaQuest 10.23.10801.0. It allows session fixation. Fixed in Release 24.2020.20608.0.