Eclipse Business Intelligence And Reporting Tools — known CVE vulnerabilities
Every CVE whose affected-product data names Eclipse Business Intelligence And Reporting Tools, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-34427 — CVSS 9.8 (critical): In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote…
CVE-2023-0100 — CVSS 8.8 (high): In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute…
CVE-2019-11776 — CVSS 6.1 (medium): In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's…