Filtered by vendor Eclipse
Subscribe
Filtered by product Business Intelligence And Reporting Tools
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34427 | 1 Eclipse | 1 Business Intelligence And Reporting Tools | 2021-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance. | |||||
| CVE-2019-11776 | 1 Eclipse | 1 Business Intelligence And Reporting Tools | 2020-12-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context. | |||||