Bonitasoft - Bonita Bpm Portal CVE - OpenCVE

Filtered by vendor Bonitasoft Subscriptions

Filtered by product Bonita Bpm Portal Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2015-3897	1 Bonitasoft	1 Bonita Bpm Portal	2024-08-06	N/A
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.
CVE-2015-3898	1 Bonitasoft	1 Bonita Bpm Portal	2024-08-06	N/A
Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.

Page 1 of 1.