4 matches found
CVE-2019-19089
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text...
CVE-2019-19089
creationtimestamp| type| source ---|---|--- 2020-04-03 01:28:09+00:00| seen| https://t.me/cibsecurity/10969...
CVE-2019-19089 eSOMS: X-Content-Type-Options Header Missing
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text...
CVE-2019-19089
ABB eSOMS versions 4.0–6.0.3 are affected by CVE-2019-19089 due to a missing X-Content-Type-Options header in HTTP responses. This can allow the response body to be interpreted as a different content type, with a possible attack scenario of unauthorized code execution via text interpreted as Java...