Jedox 跨站脚本漏洞

Jedox is a corporate performance management software from Jedox Inc. It is used for planning, analyzing and reporting in finance and other areas such as sales, human resources and purchasing. A security vulnerability exists in Jedox version 2020.2.5, which can be exploited by an authenticated...

Jedox 安全漏洞

Jedox is a corporate performance management software from Jedox Inc. for planning, analyzing and reporting in finance and other areas such as sales, human resources and purchasing. A security vulnerability exists in Jedox version 2020.2.5, which stems from an integrator that allows an authenticat...

Jedox 安全漏洞

Jedox is a corporate performance management software from Jedox Inc. for planning, analyzing and reporting in finance and other areas such as sales, human resources and purchasing. A security vulnerability exists in Jedox version 2020.2.5 that stems from improper access control in /tc/rpc...

Jedox 代码问题漏洞

Jedox is a corporate performance management software from Jedox Inc. for planning, analyzing and reporting in finance and other areas such as sales, human resources and purchasing. A code issue vulnerability exists in Jedox version 2020.2.5, which stems from incorrect input validation of the...

PT-2023-15508 · Jedox · Jedox

Name of the Vulnerable Software and Affected Versions: Jedox versions 2020.2.5 Description: The issue allows remote authenticated users to create jobs that can execute arbitrary code via Groovy scripts. This is related to the integrator component in the affected software. Recommendations: For...

SolarWinds Hybrid Cloud Observability 加密问题漏洞

SolarWinds Hybrid Cloud Observability is a U.S.-based SolarWinds company that helps organizations ensure availability and reduce remediation time across local and multi-cloud environments by improving visibility, intelligence and productivity. A security vulnerability exists in SolarWinds Hybrid...

CVE-2021-35215

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability...

Solarwinds Orion Platform 代码问题漏洞

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

Solarwinds Orion Platform 安全漏洞

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. Orion Platform version 2020.2.5 is vulnerable to an access control error in the user settings. An attacker could exploit this vulnerability to elevate privileges...

Vulnerabilities fixed in SolarWinds Orion

SolarWinds has fixed multiple vulnerabilities in the Orion Platform. An authenticated remote malicious party could potentially exploit the vulnerabilities potentially exploit them to execute execute arbitrary code. In addition, vulnerabilities have been fixed that allow a Tabnabbing attack and...

Gradle Enterprise Cross-Site Request Forgery Vulnerability (CNVD-2020-53288)

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A cross-site request forgery vulnerability exists in Gradle Enterprise prior to version 2020.2.5. The vulnerability stems from a WEB application that does not adequately validate that a request is comi...