HIGH✓ PATCH🇬🇧 English

CVE-2023-31867

CVSS 7.2v3.1pub. 2023-06-22upd. 2026-07-05

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Sage X3

    APP
    Sage
    12.14.0.50-0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-7388CRITICAL10.0ten sam produkt

Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the clie...

CVE-2023-31868MEDIUM5.4ten sam produkt

Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application ar...

CVE-2020-7387MEDIUM5.3ten sam produkt

Sage X3 Installation Pathname Disclosure. A specially crafted packet can elicit a response from the AdxDSrv.ex...

CVE-2020-7389MEDIUM5.5ten sam produkt

Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass ...

CVE-2020-7390MEDIUM4.6ten sam produkt

Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings th...