Product
eng spagobi
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-54795
CVE-2024-54794
CVE-2024-54792
CVE-2013-6231
CVE-2013-6234
CVE-2014-7296
CVE-2013-6233
CVE-2013-6232
all versions
SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create/edit forms of the worksheet desig
all versions
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution.
all versions
A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authentica
< 4.1
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script
< 4.1
Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execut
all versions
The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote
<= 4.0
Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or
<= 4.0
Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or