outsystems outsystems vulnerabilities and exploits

(subscribe to this query)

A stored XSS vulnerability exists in the ECT Provider in OutSystems prior to 2020-09-04, affecting generated applications. It could allow an unauthenticated remote malicious user to craft and store malicious Feedback content into /ECT_Provider/, such that when the content is view...

Outsystems Lifetime Management Console Outsystems Outsystems Outsystems Platform Server

OutSystems Platform 10 through 11 allows ImageResourceDetail.aspx CSRF for content modifications and file uploads. NOTE: The product is self-hosted by the customer, even though it has a *.outsystemsenterprise.com domain name.) NOTE: The vendor claims that the independent research...

Outsystems Outsystems

An issue exists in the Upload Widget in OutSystems Platform 10 prior to 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being process...

Outsystems Outsystems

A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory av_libGLESv2.dll, libcef.DLL, user32.dll, and ...

Outsystems Service Studio 11.53.30

The ECT Provider component in OutSystems Platform Server 10 prior to 10.0.1104.0 and 11 prior to 11.9.0 (and LifeTime management console prior to 11.7.0) allows SSRF for arbitrary outbound HTTP requests.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook