汇总 inetsoftware 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 XXE、开放重定向与路径处理缺陷 相关,可能在 软件部署与生产负载 场景中带来 文件覆盖 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2020-28150 | I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect. | [email protected] | 6.1 | 0.16% | 2021-03-09 | 2024-11-21 |
| CVE-2020-12684 | XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entity is processed by a weakly configured XML parser. | [email protected] | 9.8 | 0.43% | 2020-07-15 | 2024-11-21 |
| CVE-2020-11431 | The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal. | [email protected] | 9.1 | 1.74% | 2020-05-07 | 2024-11-21 |