PT-2024-27926 · R Hub · R-Hub Turbomeeting

Name of the Vulnerable Software and Affected Versions: R-HUB TurboMeeting versions prior to 9.x Description: A command-injection issue in the Certificate Signing Request CSR functionality allows authenticated attackers with administrator privileges to execute arbitrary commands on the underlying...

CVE-2020-7033

A Cross Site Scripting XSS Vulnerability on the Unified Portal Client web client used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions before 9.1.10...

CVE-2020-7033 Avaya Equinox Conferencing XSS

A Cross Site Scripting XSS Vulnerability on the Unified Portal Client web client used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions of Equinox Conferencing includes all 9.x versions before 9.1.10...

Eclipse Jetty Server generates error message containing sensitive information

In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a...