GCVE - cpe:2.3:a:flexense:vx_search_enterprise:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:flexense:vx_search_enterprise:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Flexense (`0cbcbab9-d7d0-546e-93f4-bdd36a312974`)
Product	Vx Search Enterprise (`c8a66801-fd19-5df6-85eb-8ac97149e75d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-49575`	vulnerable	2026-06-03 14:53:20.843983	XSS vulnerability in VX Search Enterprise HIGH (7.1) A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /setup_smtp in smtp_server, smtp_user, smtp_password and smtp_email_address parameters. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads. Published: 2024-05-24T12:40:24.398Z Updated: 2025-05-21T11:26:56.297Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-vx-search-enterprise	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49574`	vulnerable	2026-06-03 14:53:20.843626	XSS vulnerability in VX Search Enterprise HIGH (7.1) A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /add_job in job_name. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads. Published: 2024-05-24T12:40:10.823Z Updated: 2024-08-02T22:01:24.745Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-vx-search-enterprise	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49573`	vulnerable	2026-06-03 14:53:20.843264	XSS vulnerability in VX Search Enterprise HIGH (7.1) A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /add_command_action in action_value. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads. Published: 2024-05-24T12:39:56.943Z Updated: 2024-08-02T22:01:25.701Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-vx-search-enterprise	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-49572`	vulnerable	2026-06-03 14:53:20.840640	XSS vulnerability in VX Search Enterprise HIGH (7.1) A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, and in Disk Pulse Enterprise 10.4.18 version, that could allow an attacker to execute persistent XSS through /setup_odbc in odbc_data_source, odbc_user and odbc_password parameters. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads. Published: 2024-05-24T12:39:32.532Z Updated: 2025-05-21T11:25:06.488Z Open on db.gcve.eu Reference links https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-flexense-vx-search-enterprise	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.