23 matches found
CVE-2017-12224
CVE-2017-12224 affects Cisco Meeting Server. The issue is the incorrect implementation of the configuration setting Guest access via hyperlinks, allowing an authenticated, remote attacker to join a meeting via a crafted hyperlink even when access should be denied. The attacker would still need a ...
Apache OpenMeetings Event Description Cross-Site Scripting (CVE-2016-2163)
A cross-site scripting vulnerability has been reported in the event handling component of Apache OpenMeetings. The vulnerability is due to insufficient validation of input for event descriptions. A remote, authenticated attacker could exploit this vulnerability by scheduling an event with a craft...
The vulnerability of WebSphere Application Server’s application servers allows attackers to inject arbitrary HTTP headers.
The vulnerability of WebSphere Application Server for application servers exists due to the lack of measures to address the CRLF sequence return with a line break. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTTP headers using a specially crafted URL...