CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.9AI score0.00486EPSS

Exploits2References1

OSV•added 2023/05/09 9:15 p.m.•1 views

CVE-2023-30056

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...

7.5CVSS7.1AI score

Exploits0References3

OSV•added 2023/05/09 9:15 p.m.•4 views

CVE-2023-30057

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS6.2AI score0.00486EPSS

Exploits2References3

NVD•added 2023/05/09 9:15 p.m.•7 views

CVE-2023-30056

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...

7.5CVSS7.5AI score0.00406EPSS

Exploits2References3

NVD•added 2023/05/09 9:15 p.m.•12 views

CVE-2023-30057

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.4AI score0.00486EPSS

Exploits2References3

Prion•added 2023/05/09 9:15 p.m.•14 views

Cross site scripting

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.9CVSS5.8AI score0.00486EPSS

Exploits2References3Affected Software1

Prion•added 2023/05/09 9:15 p.m.•10 views

Session fixation

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...

5CVSS7.4AI score0.00406EPSS

Exploits2References3Affected Software1

Cvelist•added 2023/05/09 12:0 a.m.•11 views

CVE-2023-30056

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...

7.7AI score0.00406EPSS

Exploits2References3

CNNVD•added 2023/05/09 12:0 a.m.•2 views

FICO Origination Manager 授权问题漏洞

FICO Origination Manager FICO OM is a comprehensive customer origination platform from FICO USA, Inc. designed to enable both large and small organizations to maximize returns and control costs, and provide strong customer engagement. A security vulnerability exists in FICO Origination Manager...

7.5CVSS7.3AI score0.00406EPSS

Exploits2References5

Cvelist•added 2023/05/09 12:0 a.m.•16 views

CVE-2023-30057

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.6AI score0.00486EPSS

Exploits2References3

CNNVD•added 2023/05/09 12:0 a.m.•2 views

FICO Origination Manager 跨站脚本漏洞

5.4CVSS6.1AI score0.00486EPSS

Exploits2References5

CVE•added 2023/05/09 12:0 a.m.•47 views

CVE-2023-30056

CVE-2023-30056 affects FICO Origination Manager Decision Module 4.8.1. The vulnerability is a session takeover caused by insufficient protection of the JSESSIONID cookie. According to the sources, the CVSSv3.1 base score is 7.5 (HIGH), with Network attack vector, no user interaction, and no privi...

7.5CVSS7.4AI score0.00406EPSS

Exploits2References3Affected Software1

Vulnrichment•added 2023/05/09 12:0 a.m.•6 views

CVE-2023-30056

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie...

7.5AI score0.00406EPSS

Exploits2References3

0day.today•added 2023/05/09 12:0 a.m.•438 views

FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking Vulnerabilities

Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 4.8.1 allow an attacker to execute code in the context of the victim's browser using a crafted payload. Additionally, an attacker with initial access to the application, can get the...

7.5CVSS6.9AI score0.00486EPSS

Exploits2

CVE•added 2023/05/09 12:0 a.m.•39 views

CVE-2023-30057

CVE-2023-30057 corresponds to multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1. The available connected documents confirm the affected software is FICO Origination Manager Decision Module 4.8.1, and the root cause is stored XSS allowing ...

5.4CVSS5.8AI score0.00486EPSS

Exploits2References3Affected Software1

Vulnrichment•added 2023/05/09 12:0 a.m.•7 views

CVE-2023-30057

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4AI score0.00486EPSS

Exploits2References3

Packet Storm•added 2023/05/08 12:0 a.m.•318 views

FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking

Exploit Title: Stored-XSS in FICO Origination Manager Decision Module 4.8.1 Leads to Session Hijacking Date: 2023-05-07 Exploit Author: Matei Josephs Vendor Homepage: https://www.fico.com/ Version: FICO Origination Manager Decision Module 4.8.1 CVE : CVE-2023-30056, CVE-2023-30057 Introduction...

7.1AI score0.00486EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by