Lucene search

Web Access Security Vulnerabilities

cve

CVE-2014-9352

Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.8AI Score

0.002EPSS

2014-12-09 11:59 PM

cve

CVE-2014-9360

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request.

6.8AI Score

0.004EPSS

2014-12-10 03:59 PM