Affected Product: enaio® component AppConnector – Version 10.10.0.183 and earlier of enaio® 10.10, Version 11.0.0.183 and earlier of enaio® 11.0, Version 11.10.0.183 and earlier of enaio® 11.10 CVSS Score (v3.1): 7.7 (High) Assigned CVE: CVE-2025-56425 Recommendation:...
CVEs
XML External Entity (XXE) Injection in e-invoice pro (CVE-2025-56424)
Affected Product: e-invoice pro by Insiders Technologies GmbH - Versions prior to Release 1 Service Pack 2 CVSS Rating (v3.1): 7.6 (High) Assigned CVE: CVE-2025-56424 Recommendation: Update to Release 1 Service Pack 2 or higher Credit: Simon Holl and Lucas Noki of...
Cross-Site Scripting in Qiata (CVE-2025-45850)
Unauthorized Access to Files in Qiata (CVE-2025-45849)
Affected Product: Qiata by SECUDOS Version 4.00.00–4.17.00CVSS Score (v3.1): 5.3 (Medium)Assigned CVE: CVE-2025-45849Recommendation: Update to Version 4.18.00Credit: Nina Wagner from MindBytes GmbHUsers can access files or their previews for which they are not...