57 matches found
EUVD-2018-1031
Malware in sbrugna...
EUVD-2018-7326
Malware in sbrugna...
EUVD-2017-13006
Malware in sbrugna...
EUVD-2018-1190
Malware in sbrugna...
EUVD-2017-3864
Malware in sbrugna...
EUVD-2019-10334
Malware in sbrugna...
EUVD-2017-3865
Malware in sbrugna...
The vulnerability in the web interface for controlling Cisco Registered Envelope Service allows a attacker to perform XSS attacks.
The vulnerability in the web interface for managing Cisco Registered Envelope Service security information exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2019-1777
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2019-1777
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
Cross site scripting
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2019-1777 Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2019-1777
CVE-2019-1777 concerns the Cisco Registered Envelope Service web interface, where insufficient input validation enables an authenticated, remote attacker to perform a cross-site scripting (XSS) attack on another user. Exploitation involves sending a malicious payload via email to a target user, p...
CVE-2019-1777 Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2018-15448
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to an insecu...
Spoofing
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to an insecu...
CVE-2018-15448 Cisco Registered Envelope Service Information Disclosure Vulnerability
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to an insecu...
Cisco Registered Envelope Service Information Disclosure Vulnerability
Cisco Registered Envelope Service is a set of mail service solutions from Cisco USA. The product includes read receipts for mail, mail recycling, mail forwarding and reply functions, and provides smartphone support. An information disclosure vulnerability exists in the user management functionali...
Cross site scripting
A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...