Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
33048.5%CRITICAL

Related CVEs

3
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-63260SyncFusion 30.1.37 is vulnerable to Cross Site Scripting (XSS) via the Document-Editor reply to comment field and Chat-UI Chat message.MEDIUM5.46.1%Mar 20, 2026
CVE-2023-26564The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Models/PhysicalFileProvider.cs directory traversal. As a result, an unauthenticated attacker can list files within a directory, download any file, or upload any file to any directory accessible by the web server.CRITICAL9.868.9%Jul 12, 2023
CVE-2023-26563The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server.CRITICAL9.870.5%Jul 12, 2023