155 matches found
CVE-2017-20114
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...
Cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...
Open redirect
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...
Cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...
Cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...
Cross site scripting
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...
Cross site request forgery (csrf)
A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
Cross site scripting
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
Cross site scripting
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting Reflected. The attack may be initiated remotely. The exploit...
CVE-2017-20120
TrueConf Server 4.3.7 is affected by a Cross‑Site Request Forgery in the /admin/service/stop/ endpoint. The vulnerability stems from insufficient validation of HTTP requests to perform administrative actions, potentially enabling remote attackers to forge authenticated requests. Multiple sources ...
CVE-2017-20120 TrueConf Server cross-site request forgery
A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
CVE-2017-20119 TrueConf Server change-lang redirect
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2017-20119
TrueConf Server 4.3.7 is affected by an open-redirect vulnerability in the /admin/general/change-lang endpoint. The issue arises from improper handling of the redirect_url parameter, allowing remote attackers to redirect users to an arbitrary URL. Exploitation has been publicly disclosed (e.g., e...
CVE-2017-20118 TrueConf Server DOM cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...
CVE-2017-20118
CVE-2017-20118 affects TrueConf Server 4.3.7. The vulnerability is a DOM-based cross-site scripting issue in the /admin/conferences/list/ endpoint caused by manipulation of the domxss argument. It can be exploited remotely and has been publicly disclosed (exploits exist). Affected versions are 4....
CVE-2017-20117 TrueConf Server group DOM cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...
CVE-2017-20117 TrueConf Server group DOM cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...
CVE-2017-20117
CVE-2017-20117 affects TrueConf Server 4.3.7. The vulnerability exists in the /admin/group functionality and is a cross-site scripting (DOM XSS) flaw caused by improper handling of inputs, exploitable remotely. Several sources confirm that the vulnerability can be triggered by an attacker to exec...
CVE-2017-20116 TrueConf Server Reflected cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...
CVE-2017-20116 TrueConf Server Reflected cross site scripting
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...