Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

S3 Browser Security Vulnerabilities

cve
cve

CVE-2022-3073

Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser...

6.1CVSS

6.5AI Score

0.001EPSS

2022-12-14 09:15 AM
28
cve
cve

CVE-2018-20298

S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3...

6.5CVSS

6.4AI Score

0.002EPSS

2022-10-03 04:22 PM
21
cve
cve

CVE-2018-1000177

A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in.....

5.4CVSS

5.1AI Score

0.001EPSS

2022-10-03 04:21 PM
24