Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Appscan Source Security Vulnerabilities

cve
cve

CVE-2016-3033

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

8.1CVSS

7.5AI Score

0.002EPSS

2016-12-01 11:59 AM
21
cve
cve

CVE-2019-16188

HCL AppScan Source before 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...

7.1CVSS

6.7AI Score

0.001EPSS

2019-09-25 05:15 PM
26
cve
cve

CVE-2019-4388

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.

4.8CVSS

5AI Score

0.001EPSS

2019-12-18 01:15 PM
20