hsweb CVE Vulnerabilities & CVE List (2)

Products (CPE): — CVEs: 2

hsweb vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to hsweb, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 12 of 2 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2018-20595 A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful. [email protected] 8.8 0.64% 2018-12-30 2026-06-16
CVE-2018-20594 An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java. [email protected] 6.1 0.86% 2018-12-30 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence