MAL-2026-3352 Malicious code in carbonite-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fec002c13bf1ef1b49658e5dc490ca30515cf414294154827adadab04cbc234 The package carbonite-internal was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in carbonite-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fec002c13bf1ef1b49658e5dc490ca30515cf414294154827adadab04cbc234 The package carbonite-internal was found to contain malicious code. Source: ossf-package-analysis...

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

CVE-2025-9120 RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

EUVD-2025-207564

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

CVE-2025-9120

CVE-2025-9120 : OpenText Carbonite Safe Server Backup is affected up to version 6.8.3 by an improper generation of code vulnerability (code injection). The issue can be exploited via an open port to potentially gain unauthorized access, with a CVSSv4.0 base score of 8.6 (HIGH) and local attack Ve...

CVE-2025-9120 RCE vulnerability has been discovered in OpenText™ Carbonite Safe Server Backup.

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

OpenText Carbonite Safe Server Backup 代码注入漏洞

OpenText Carbonite Safe Server Backup is a hybrid cloud backup software developed by OpenText Corporation in Canada. Versions of OpenText Carbonite Safe Server Backup 6.8.3 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper code generation controls, whi...

EUVD-2020-5392

Malware in sbrugna...

CVE-2020-13116

OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation...

Opentext Carbonite Server Backup Portal Cross-Site Scripting Vulnerability

OpenText develops and markets Enterprise Information Management EIM software. A cross-site scripting vulnerability exists in OpenText Carbonite Server Backup Portal 8.8.7 and earlier versions, which originates from a failure to effectively filter user input at policy creation, allowing an...

CVE-2020-13116

OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation...

CVE-2020-13116

OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation...

Design/Logic Flaw

OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation...

CVE-2020-13116

OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an authenticated user via policy creation...

CVE-2020-13116

Affected product: OpenText Carbonite Server Backup Portal. Vulnerability: Cross‑Site Scripting (XSS) via policy creation. Root cause: failure to adequately filter user input at policy creation. Impact: authenticated attacker can inject JavaScript into a client browser (arbitrary code execution in...

Opentext Carbonite 跨站脚本漏洞

OpenText develops and markets Enterprise Information Management EIM software. A cross-site scripting vulnerability exists in OpenText Carbonite Server Backup Portal 8.8.7 and earlier versions, which originates from a failure to effectively filter user input at policy creation, allowing an...

refer.carbonite.com XSS vulnerability

Vulnerable URL: https://refer.carbonite.com/terms-and-conditions/%22-alert/OPENBUGBOUNTY/-%22 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosur...

Carbonite Triggers Password Reset for 1.5M Customers After Reuse Attack

Online backup firm Carbonite is forcing all of its 1.5 million users to change their passwords after reporting that accounts was targeted in a password reuse attack. According to a statement issued by Carbonite on Tuesday hackers were attempting to break into user accounts using stolen credential...