Filtered by vendor Nintex
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27924 | 1 Nintex | 1 Automation | 2026-01-30 | N/A | 5.4 MEDIUM |
| Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action. | |||||
| CVE-2025-27925 | 1 Nintex | 1 Automation | 2026-01-29 | N/A | 8.5 HIGH |
| Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. | |||||
| CVE-2025-27926 | 1 Nintex | 1 Automation | 2026-01-29 | N/A | 4.3 MEDIUM |
| In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users. | |||||
| CVE-2022-38167 | 1 Nintex | 1 Workflow | 2025-05-01 | N/A | 6.1 MEDIUM |
| The Nintex Workflow plugin 5.2.2.30 for SharePoint allows XSS. | |||||
| CVE-2015-7299 | 1 Nintex | 3 K2 Blackpearl, K2 For Sharepoint, K2 Smartforms | 2025-04-12 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter. | |||||