汇总 gxsoftware 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 跨站脚本、CSRF与输入验证问题 相关,可能在 生产负载与软件部署 场景中带来 会话劫持与异常行为 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2022-43713 | Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was vulnerable to invalid data input because form validation could be bypassed. | [email protected] | 7.5 | 0.43% | 2023-07-26 | 2026-06-17 |
| CVE-2022-43712 | POST requests to /web/mvc in GX Software XperienCentral version 10.36.0 and earlier were not blocked for uses that are not logged in. If an unauthorized user is able to bypass other security filters they are able to post unauthorized data to the server because of CVE-2022-22965. | [email protected] | 6.5 | 0.39% | 2023-07-26 | 2026-06-17 |
| CVE-2022-43711 | Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src. | [email protected] | 6.1 | 0.27% | 2023-07-26 | 2026-06-17 |
| CVE-2022-43710 | Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields. | [email protected] | 8.8 | 0.18% | 2023-07-26 | 2026-06-17 |