CVE-2023-20242

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...

CVE-2022-20242

In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-20242

Cisco reports a cross-site scripting (XSS) vulnerability in the web-based management interfaces of Cisco Unified Communications Manager (CUCM), Unified CM Session Management Edition (SME), and Unified Communications Manager IM&P. The issue arises from inadequate validation of user-supplied input ...

CVE-2022-20242

creationtimestamp| type| source ---|---|--- 2022-08-11 18:38:13+00:00| seen| https://t.me/cibsecurity/47986...

CVE-2022-20242

In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20242

CVE-2022-20242 describes a side-channel information disclosure in Android 13’s Telephony component that can reveal whether an app is installed, without query permissions. This enables local information disclosure with no user interaction, as indicated in the description. Affected product: Android...

CVE-2021-20242

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20176. Reason: This candidate is a reservation duplicate of CVE-2021-20176. Notes: All CVE users should reference CVE-2021-20176 instead of th...

CVE-2019-20242

CVE-2019-20242 entry is rejected / not used as stated in the description.

CVE-2019-20242

...

org.apache.jspwiki.it:jspwiki-it-builder (=2.11.0), org.apache.jspwiki.it:jspwiki-it-test-cma (=2.11.0) +8 more potentially affected by CVE-2018-20242 via org.apache.jspwiki:jspwiki-war (>=2.10.0 <=2.11.0)

org.apache.jspwiki:jspwiki-war MAVEN version =2.10.0, =2.10.0, =2.10.3, =2.10.5 - org.apache.jspwiki:jspwiki-portable =2.11.0 Source cves: CVE-2018-20242 Source advisory: OSV:GHSA-5Q75-CXCQ-WR26...

CVE-2018-20242

A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking...

CVE-2018-20242

A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking...

CVE-2018-20242

This CVE affects Apache JSPWiki up to version 2.10.5, where a crafted URL could trigger a cross-site scripting (XSS) vulnerability. The described impact is potential session hijacking. The connected documents consistently identify JSPWiki as the affected product and the vulnerability type as XSS,...