CVE-2022-43840

MEDIUM Year: 2022
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-643
View all →

Vulnerability Description

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.

Related Vulnerabilities

CVE-2024-2645

MEDIUM
CVSS:5.3(Medium)

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /vpnweb/resetpwd/resetpwd.php. The manipulation ...

CWE-6432024

CVE-2024-2648

MEDIUM
CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of...

CWE-6432024

CVE-2024-39565

HIGH
CVSS:8.8(High)

An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execu...

CWE-6432024

CVE-2020-25162

HIGH
CVSS:7.5(High)

A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to acces...

CWE-6432020

CVE-2024-8955

MEDIUM
CVSS:6.8(Medium)

A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the ...

CWE-6432024

CVE-2023-24922

MEDIUM
CVSS:6.5(Medium)

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CWE-6432023