Every CVE whose affected-product data names Sage Syracuse, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-7389 — CVSS 5.5 (medium): Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable…
CVE-2020-7390 — CVSS 4.6 (medium): Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings the "First Name," "Last…