CVE-2013-6234 — CVSS 8.0 (high): Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute…
CVE-2014-7296 — CVSS 6.8 (medium): The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote…
CVE-2024-54792 — CVSS 6.1 (medium): A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user…
CVE-2024-54795 — CVSS 5.4 (medium): SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create/edit forms of the worksheet designer…
CVE-2013-6233 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via…
CVE-2013-6232 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via…