Every CVE whose affected-product data names Vermeg Agile Reporter, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-34832 — CVSS 6.5 (medium): An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component.
CVE-2022-34833 — CVSS 5.4 (medium): An issue was discovered in VERMEG AgileReporter 21.3. An admin can enter an XSS payload in the Analysis component.
CVE-2022-34834 — CVSS 4.8 (medium): An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the…