NotCVE - vendor:"Next4Biz CRM & BPM Software"

2 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-4754 – Stored XSS in Next4Biz's BPM

https://notcve.org/view.php?id=CVE-2024-4754

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. • https://www.usom.gov.tr/bildirim/tr-24-0739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-5683 – Remote Code Execution in Next4Biz's BPM

https://notcve.org/view.php?id=CVE-2024-5683

Improper Control of Generation of Code ('Code Injection') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Remote Code Inclusion.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. • https://www.usom.gov.tr/bildirim/tr-24-0739 • CWE-94: Improper Control of Generation of Code ('Code Injection') •