18 matches found
EUVD-2017-16457
Malware in sbrugna...
EUVD-2020-30326
Malware in sbrugna...
CVE-2020-9520
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled...
SUSE CVE-2017-7433
An absolute path traversal vulnerability CWE-36 in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication...
Micro Focus Vibe Cross-Site Scripting Vulnerability (CNVD-2020-20429)
Micro Focus Vibe is a team collaboration management solution from Micro Focus UK. The solution has features such as file sharing, building dynamic forms and workflows. A cross-site scripting vulnerability exists in Micro Focus Vibe version 4.0.6. The vulnerability stems from the WEB application...
Micro Focus Vibe 4.0.6 HTML Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-046 Product: Micro Focus Vibe formerly Novelle Vibe Manufacturer: Micro Focus International plc Affected Versions: 4.0.6 Tested Versions: 4.0.6 Vulnerability Type: HTML Injection CWE-79 Risk Level: Low Solution Status: Fixed...
Micro Focus Vibe Cross-Site Scripting Vulnerability
Micro Focus Vibe is a team collaboration management solution from Micro Focus UK. The solution has features such as file sharing, building dynamic forms and workflows. A cross-site scripting vulnerability exists in Micro Focus Vibe versions prior to 4.0.7. The vulnerability stems from the WEB...
CVE-2020-9520
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled...
CVE-2020-9520
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled...
Cross site scripting
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled...
CVE-2020-9520
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker controlled...
CVE-2020-9520
Affected product: Micro Focus Vibe (pre-4.0.7). Vulnerability: Stored Cross-Site Scripting (XSS) in Vibe prior to version 4.0.7. An attacker can craft and store malicious content that, when viewed by another user, executes attacker-controlled JavaScript in the target browser. Root cause / details...
Micro Focus Vibe Directory Traversal Vulnerability
Micro Focus Vibe aggregates what users need to do their jobs.Vibe supports seamless and secure access.The Vibe mobile app securely stores login credentials for one or more Vibe sites, so users can easily and quickly connect to Vibe sites. A directory traversal vulnerability exists in Micro Focus...
CVE-2017-7433
An absolute path traversal vulnerability CWE-36 in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication...
Path traversal
An absolute path traversal vulnerability CWE-36 in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication...
CVE-2017-7433
An absolute path traversal vulnerability CWE-36 in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication...
CVE-2017-7433
An absolute path traversal vulnerability CWE-36 in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication...
CVE-2017-7433
CVE-2017-7433 affects Micro Focus Vibe 4.0.2 and earlier, with an absolute path traversal in the viewFile endpoint. The vulnerability permits a remote attacker to download arbitrary files from the server; authentication may not be required if Guest access is enabled (Guest access is disabled by d...