pkg:Bitnami/processmaker

All known vulnerabilities

• HIGH8.8CVE-2022-38577ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page.
  from 0, < 3.5.4
• MEDIUM6.4CVE-2020-13525The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in Process…
  >= 3.4.11, <= 3.4.11
• MEDIUM6.4CVE-2020-13526SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11.
  >= 3.4.11, <= 3.4.11