Lucene search
K

155 matches found

OSV
OSV
added 2022/06/29 5:15 p.m.4 views

CVE-2017-20114

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...

5.4CVSS4.5AI score0.00577EPSS
Exploits1References2
Prion
Prion
added 2022/06/29 5:15 p.m.16 views

Cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...

3.5CVSS6.1AI score0.00577EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.11 views

Open redirect

A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS7AI score0.00674EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.20 views

Cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...

3.5CVSS6.1AI score0.00577EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.17 views

Cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...

3.5CVSS6AI score0.00577EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.16 views

Cross site scripting

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys leads to basic cross site scripting Reflected. The attack can be initiated remotely...

3.5CVSS6.1AI score0.00577EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.12 views

Cross site request forgery (csrf)

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

6.8CVSS8.7AI score0.00483EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.22 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

3.5CVSS6AI score0.00577EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/29 5:15 p.m.14 views

Cross site scripting

A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting Reflected. The attack may be initiated remotely. The exploit...

3.5CVSS6.1AI score0.00577EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/06/29 4:15 p.m.57 views

CVE-2017-20120

TrueConf Server 4.3.7 is affected by a Cross‑Site Request Forgery in the /admin/service/stop/ endpoint. The vulnerability stems from insufficient validation of HTTP requests to perform administrative actions, potentially enabling remote attackers to forge authenticated requests. Multiple sources ...

8.8CVSS6.6AI score0.00483EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/06/29 4:15 p.m.20 views

CVE-2017-20120 TrueConf Server cross-site request forgery

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

4.3CVSS8.8AI score0.00483EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/29 4:15 p.m.22 views

CVE-2017-20119 TrueConf Server change-lang redirect

A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirecturl leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclos...

3.5CVSS7AI score0.00674EPSS
Exploits1References2
CVE
CVE
added 2022/06/29 4:15 p.m.58 views

CVE-2017-20119

TrueConf Server 4.3.7 is affected by an open-redirect vulnerability in the /admin/general/change-lang endpoint. The issue arises from improper handling of the redirect_url parameter, allowing remote attackers to redirect users to an arbitrary URL. Exploitation has been publicly disclosed (e.g., e...

6.1CVSS5.1AI score0.00674EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/29 4:15 p.m.21 views

CVE-2017-20118 TrueConf Server DOM cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting DOM. The attack may be launched remotely. Th...

3.5CVSS6.1AI score0.00577EPSS
Exploits1References2
CVE
CVE
added 2022/06/29 4:15 p.m.54 views

CVE-2017-20118

CVE-2017-20118 affects TrueConf Server 4.3.7. The vulnerability is a DOM-based cross-site scripting issue in the /admin/conferences/list/ endpoint caused by manipulation of the domxss argument. It can be exploited remotely and has been publicly disclosed (exploits exist). Affected versions are 4....

5.4CVSS4.5AI score0.00577EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/29 4:15 p.m.20 views

CVE-2017-20117 TrueConf Server group DOM cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...

3.5CVSS6.2AI score0.00577EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/29 4:15 p.m.6 views

CVE-2017-20117 TrueConf Server group DOM cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting DOM. The attack can be launched remotely. The exploit has been disclos...

3.5CVSS6.4AI score0.00577EPSS
Exploits1References2
CVE
CVE
added 2022/06/29 4:15 p.m.55 views

CVE-2017-20117

CVE-2017-20117 affects TrueConf Server 4.3.7. The vulnerability exists in the /admin/group functionality and is a cross-site scripting (DOM XSS) flaw caused by improper handling of inputs, exploitable remotely. Several sources confirm that the vulnerability can be triggered by an attacker to exec...

5.4CVSS4.6AI score0.00577EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/06/29 4:15 p.m.7 views

CVE-2017-20116 TrueConf Server Reflected cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...

3.5CVSS6.4AI score0.00577EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/29 4:15 p.m.21 views

CVE-2017-20116 TrueConf Server Reflected cross site scripting

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...

3.5CVSS6.2AI score0.00577EPSS
Exploits1References2
Rows per page
Query Builder