Security Advisories

image from Cantemo Portal XSS Vulnerabilities

Notice Multiple Cross-Site Scripting vulnerabilities have been found in Cantemo Portal™. A successful exploit could lead to users with access to the system obtaining more access than granted, including admin access. Depending on system configuration an attacker can also potentially execute arbitrary code on the server running Cantemo Portal. Cantemo has released software updates that address this vulnerability. There are currently no workarounds that address these vulnerabilities and we would recommend all customers to upgrade to the latest applicable version.