Filtered by vendor Eptura
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48644 | 1 Eptura | 1 Archibus | 2025-05-23 | N/A | 6.1 MEDIUM |
| An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on. | |||||
| CVE-2023-48645 | 1 Eptura | 1 Archibus | 2024-11-21 | N/A | 7.8 HIGH |
| An issue was discovered in the Archibus app 4.0.3 for iOS. It uses a local database that is synchronized with a Web central server instance every time the application is opened, or when the refresh button is used. There is a SQL injection in the search work request feature in the Maintenance module of the app. This allows performing queries on the local database. | |||||