Redwood Redwood

  1. Vendors
  2. Redwood

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Redwood product.

RSS Feeds for Redwood security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Redwood products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Redwood Sorted by Most Security Vulnerabilities since 2018

Redwood Sap Business Process Automation3 vulnerabilities

Redwood Report2web2 vulnerabilities

Redwood Jscape Mft1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Redwood. Redwood did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 0 0.00
2024 0 0.00
2023 1 7.20
2022 0 0.00
2021 2 5.70
2020 0 0.00
2019 0 0.00
2018 3 6.87

It may take a day or so for new Redwood vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Redwood Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2023-4528 Sep 07, 2023
JSCAPE MFT Server <2023.1.9 Unsafe Deserialization on Mgmt Interface Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface
Jscape Mft
CVE-2021-26710 Feb 05, 2021
A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter.
Report2web
CVE-2021-26711 Feb 05, 2021
A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl parameter.
Report2web
CVE-2018-2366 Mar 14, 2018
SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1 SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs.
Sap Business Process Automation
CVE-2018-2400 Mar 14, 2018
Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10 Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted.
Sap Business Process Automation
CVE-2018-2401 Mar 14, 2018
SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability.
Sap Business Process Automation
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.