107 matches found
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field if an e-mail message...
EUVD-2018-7212
Malware in sbrugna...
EUVD-2018-19376
Malware in sbrugna...
EUVD-2019-16958
Malware in sbrugna...
EUVD-2000-0050
Malware in sbrugna...
CVE-2021-23054
On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
CVE-2013-0939
EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...
Nethserver 7 / 8 Cross Site Scripting
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting XSS in WebTop package Suggested description The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field if an e-mail message. ------------------------------------------ Additional Information NethServe...
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field if an e-mail message...
CVE-2024-34058
The CVE-2024-34058 entry concerns stored XSS in the WebTop package for NethServer 7 and 8. Affected component: WebTop (Sonicle) integrated with NethServer; root cause: insufficient input sanitization/output escaping allows payloads (e.g., in the Email Subject) to be stored and executed in the fro...
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS for example, via the Subject field if an e-mail message...
PT-2024-25671 · Webtop +1 · Webtop +1
Name of the Vulnerable Software and Affected Versions: NethServer versions 7 through 8 Description: The issue concerns stored cross-site scripting XSS in the WebTop package. This can be exploited, for example, via the Subject field of an e-mail message. NethServer is an operating system designed...
F5 Networks BIG-IP : BIG-IP APM webtop vulnerability (K74114570)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K74114570 advisory. - A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an AP...
K41997459: BIG-IP APM XSS vulnerability CVE-2021-23054
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2021-23054 Impact An attacker can craft a malicious URL and send it to an authenticated...
K7397: Download of local FirePass files using the URL in Webtop or the Admin UI
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K74114570: BIG-IP APM webtop vulnerability CVE-2018-15334
A cross-site request forgery CSRF vulnerability in the APM webtop, may allow attacker to force an APM webtop session to log out and require re-authentication. CVE-2018-15334 Impact A remote attacker may be able to force a BIG-IP APM webtop session to log out and require reauthentication. Security...
CVE-2021-23054
On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
CVE-2021-23054
On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
CVE-2020-27726
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
CVE-2020-27726
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...