Lucene search
K

7 matches found

CVE
CVE
added 2026/07/06 9:0 p.m.13 views

CVE-2026-42331

FOSSBilling before version 0.8.0 has an authorization gap in the Guest API invoice/update endpoint. An unauthenticated attacker who knows an invoice hash can modify the payment gateway associated with an unpaid invoice, potentially changing gateway_id to any gateway configured in the system. The ...

7.7CVSS6AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2024/02/27 11:15 p.m.31 views

CVE-2024-26300

A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim...

6.6CVSS6AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2024/02/27 11:15 p.m.5 views

CVE-2024-26300

A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim...

4.8CVSS6AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.7 views

Aruba Networks ClearPass Policy Manager Security Vulnerability

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager that stems from a guest interface that could allow an authenticated, remote...

6.6CVSS6.1AI score0.00358EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.4 views

PT-2024-21341 · Aruba · Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: ClearPass Policy Manager affected versions not specified Description: A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against ...

6.6CVSS6AI score0.00358EPSS
Exploits0References6
Prion
Prion
added 2022/09/20 8:15 p.m.13 views

Design/Logic Flaw

A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in...

5CVSS7.5AI score0.00722EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/09/20 12:0 a.m.5 views

Aruba Networks ClearPass Policy Manager 安全漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager version 6.10.6 and earlier, 6.9.11 and earlier, which stems from a flaw in the...

7.5CVSS7.3AI score0.00722EPSS
Exploits0References2
Rows per page
Query Builder