Known Vulnerabilities
CVE-2021-35221
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
MEDIUM
CVSS 6.3
Published Aug 31, 2021
CVE-2021-35220
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
HIGH
CVSS 8.1
Published Aug 31, 2021
CVE-2021-35219
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.
MEDIUM
CVSS 6.0
Published Aug 31, 2021