Sage X3
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Sage X3.
By the Year
In 2026 there have been 0 vulnerabilities in Sage X3. X3 did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 6.30 |
It may take a day or so for new X3 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sage X3 Security Vulnerabilities
Sage X3 12.14.0.50-0 XSS Vulnerability
CVE-2023-31868
5.4 - Medium
- June 22, 2023
Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is injected into those fields, this code will be saved by the application and executed by the web browser of the user viewing the web page. Several injection points have been identified on the application. The major one requires the user to be authenticated with a common account, he can then target an Administrator. All others endpoints need the malicious user to be authenticated as an Administrator. Therefore, the impact is diminished.
XSS
Sage X3 12.14 CSV Injection Vulnerability
CVE-2023-31867
7.2 - High
- June 22, 2023
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
CSV Injection
