Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form...

6.1CVSS7AI score0.46323EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/10/29 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4609-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.46323EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/10/28 7:46 p.m.76 views

USN-4609-1: GOsa vulnerabilities

Fabian Henneke discovered that GOsa incorrectly handled client cookies. An authenticated user could exploit this with a crafted cookie to perform file deletions in the context of the user account that runs the web server. CVE-2019-14466 It was discovered that GOsa incorrectly handled user access...

9.8CVSS7.5AI score0.46323EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/07/05 12:0 a.m.82 views

Debian DSA-4239-1 : gosa - security update

Fabian Henneke discovered a cross-site scripting vulnerability in the password change form of GOsa, a web-based LDAP administration program. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4239. The text itse...

6.1CVSS6.4AI score0.46323EPSS
Exploits0References4
Debian
Debian
added 2018/07/03 9:5 p.m.36 views

[SECURITY] [DSA 4239-1] gosa security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4239-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 03, 2018 https://www.debian.org/security/faq -...

6.1CVSS6.2AI score0.46323EPSS
Exploits0
CVE
CVE
added 2018/06/26 4:0 p.m.76 views

CVE-2018-1000528

CVE-2018-1000528 affects GONICUS GOsa prior to commit 56070d6289d47ba3f5918885954dcceb75606001. The XSS flaw is in the change password form (html/password.php, #308), allowing injection of arbitrary script/HTML when a user views a specially crafted page. Attack requires victim interaction (openin...

6.1CVSS6.2AI score0.46323EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder