Openasset Digital Asset Management — known CVE vulnerabilities
Every CVE whose affected-product data names Openasset Digital Asset Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-28858 — CVSS 8.8 (high): OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was…
CVE-2020-28860 — CVSS 8.8 (high): OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL…
CVE-2020-28856 — CVSS 7.5 (high): OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing…
CVE-2020-28857 — CVSS 6.1 (medium): OpenAsset Digital Asset Management (DAM) through 12.0.19, does not correctly sanitize user supplied input in multiple parameters and…
CVE-2020-28859 — CVSS 6.1 (medium): OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and…
CVE-2020-28861 — CVSS 5.3 (medium): OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing…