Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Unisys Subscribe
Filtered by product Data Exchange Management Studio
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32555 1 Unisys 1 Data Exchange Management Studio 2022-09-16 N/A 8.8 HIGH
Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur.
CVE-2020-35542 1 Unisys 1 Data Exchange Management Studio 2021-05-06 3.5 LOW 5.4 MEDIUM
Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack.