NotCVE - vendor:"Next4Biz CRM & BPM Software" product:"Business Process Manangement (BPM)"

2 results (0.003 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-4754 – Stored XSS in Next4Biz's BPM

https://notcve.org/view.php?id=CVE-2024-4754

24 Jun 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. • https://www.usom.gov.tr/bildirim/tr-24-0739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-5683 – Remote Code Execution in Next4Biz's BPM

https://notcve.org/view.php?id=CVE-2024-5683

24 Jun 2024 — Improper Control of Generation of Code ('Code Injection') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Remote Code Inclusion.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. • https://www.usom.gov.tr/bildirim/tr-24-0739 • CWE-94: Improper Control of Generation of Code ('Code Injection') •