本ページは rws worldserver に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-50849 | A Stored Cross-Site Scripting (XSS) vulnerability in the "Rules" functionality of WorldServer v11.8.2 allows a remote authenticated attacker to execute arbitrary JavaScript code. | [email protected] | 4.8 | 0.48% | 2024-11-18 | 2025-10-20 |
| CVE-2024-50848 | An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 to access sensitive information and execute arbitrary commands via supplying a crafted .tmx file. | [email protected] | 6.5 | 1.15% | 2024-11-18 | 2025-10-20 |
| CVE-2022-34270 | An issue was discovered in RWS WorldServer before 11.7.3. Regular users can create users with the Administrator role via UserWSUserManager. | [email protected] | 9.8 | 0.89% | 2024-02-29 | 2025-04-16 |
| CVE-2022-34269 | An issue was discovered in RWS WorldServer before 11.7.3. An authenticated, remote attacker can perform a ws-legacy/load_dtd?system_id= blind SSRF attack to deploy JSP code to the Apache Axis service running on the localhost interface, leading to command execution. | [email protected] | 8.8 | 1.71% | 2024-02-29 | 2025-04-16 |
| CVE-2022-34268 | An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host. | [email protected] | 9.8 | 1.46% | 2023-12-25 | 2024-11-21 |
| CVE-2022-34267 | An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint. | [email protected] | 9.8 | 42.16% | 2023-12-25 | 2024-11-21 |
| CVE-2023-38357 | Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions. | [email protected] | 5.3 | 3.12% | 2023-08-01 | 2024-11-21 |