11 matches found
EUVD-2021-22117
Malware in sbrugna...
CVE-2021-35475
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
SAS Environment Manager 2.5 - (name) Stored Cross-Site Scripting Vulnerability
Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475 Description SAS®...
SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting (XSS)
Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Date: 24/06/2021 Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475...
SAS Environment Manager 2.5 Cross Site Scripting
Exploit Title: SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting XSS Date: 24/06/2021 Exploit Author: Luqman Hakim Zahari @ Saitamang Vendor Homepage: https://support.sas.com/en/software/environment-manager-support.html Version: 2.5 Tested on: CentOS 7 CVE : CVE-2021-35475...
CVE-2021-35475
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
CVE-2021-35475
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
Cross site scripting
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
CVE-2021-35475
CVE-2021-35475 : SAS Environment Manager 2.5 is affected by a stored XSS via the Name field when creating or editing a server. The vulnerability arises from insufficient sanitization of the Name field, allowing injected scripts to execute, with the XSS trigger visible when editing Configuration P...
CVE-2021-35475
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
SAS Environment Manager 跨站脚本漏洞
SAS Environment Manager is a web-based management solution for SAS environments from SAS, Inc. A security vulnerability exists in SAS Environment Manager that stems from SAS Environment Manager 2.5 allowing XSS to pass through the Name field when creating an edit server. An attacker could exploit...