Lucene search
K

110 matches found

Prion
Prion
added 2020/12/24 4:15 p.m.21 views

Cross site scripting

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...

4.3CVSS5.9AI score0.00634EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/12/17 12:0 a.m.30 views

F5 Networks BIG-IP : BIG-IP APM XSS vulnerability (K30343902)

A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2020-27726 Impact An attacker can craft a malicious URL and send it to an authenticated user to launch a XSSattack. C...

6.1CVSS5.9AI score0.00634EPSS
Exploits0References2
NVD
NVD
added 2019/03/21 4:1 p.m.18 views

CVE-2019-7416

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

6.1CVSS6AI score0.01549EPSS
Exploits2References3
OSV
OSV
added 2019/03/21 4:1 p.m.5 views

CVE-2019-7416

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

6.1CVSS6.3AI score0.01549EPSS
Exploits2References3
Prion
Prion
added 2019/03/21 4:1 p.m.15 views

Design/Logic Flaw

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

4.3CVSS6AI score0.01549EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2019/03/17 7:36 p.m.20 views

CVE-2019-7416

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

6.1AI score0.01549EPSS
Exploits2References3
CVE
CVE
added 2019/03/17 7:36 p.m.48 views

CVE-2019-7416

CVE-2019-7416 affects OpenText Documentum Webtop 5.3 SP2. The vulnerability is in the startat parameter of /webtop/help/en/default.htm, enabling XSS and/or a Client-Side URL Redirect. Public documentation notes this issue and a PoC is referenced in PacketStorm for Webtop 5.3 SP2. CVSS details fro...

6.1CVSS6AI score0.01549EPSS
Exploits2References3Affected Software1
Packet Storm
Packet Storm
added 2019/02/07 12:0 a.m.51 views

OpenText Documentum Webtop 5.3 SP2 Open Redirect

...

6.4AI score0.01549EPSS
Exploits2
OSV
OSV
added 2019/02/05 6:29 p.m.4 views

CVE-2019-6591

On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...

5.4CVSS6AI score0.00624EPSS
Exploits0References1
NVD
NVD
added 2019/02/05 6:29 p.m.20 views

CVE-2019-6591

On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...

5.4CVSS5.2AI score0.00624EPSS
Exploits0References1
Prion
Prion
added 2019/02/05 6:29 p.m.17 views

Cross site scripting

On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...

3.5CVSS5.2AI score0.00624EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/30 12:0 a.m.24 views

F5 Networks BIG-IP : BIG-IP APM XSS vulnerability (K32840424)

A reflected cross-site scripting XSS vulnerabilityexists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2019-6591 Impact An authenticated attacker may be able to inject malicious content. C Tenable Network Security, Inc. The...

5.4CVSS5.3AI score0.00624EPSS
Exploits0References2
Prion
Prion
added 2018/12/28 3:29 p.m.18 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...

4.3CVSS4.7AI score0.00734EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/12/28 3:29 p.m.19 views

CVE-2018-15334

A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...

4.3CVSS4.6AI score0.00734EPSS
Exploits0References2
OSV
OSV
added 2018/12/28 3:29 p.m.4 views

CVE-2018-15334

A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...

4.3CVSS5.7AI score0.00734EPSS
Exploits0References2
CVE
CVE
added 2018/12/28 3:0 p.m.51 views

CVE-2018-15334

The CVE-2018-15334 entry affects F5 BIG-IP APM webtop, where a CSRF vulnerability in the APM webtop 11.2.1+ can force a user session logout and require re-authentication. Affected components: BIG-IP APM webtop. Root cause: CSRF allowing session logout. Impact: remote attacker could cause a user t...

4.3CVSS4.6AI score0.00734EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/12/28 3:0 p.m.25 views

CVE-2018-15334

A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...

4.7AI score0.00734EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/19 12:0 a.m.3 views

OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability

OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...

5.4CVSS6AI score0.00545EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/19 12:0 a.m.4 views

OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability (CNVD-2018-07985)

OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...

5.4CVSS6AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2018/04/11 6:29 a.m.3 views

CVE-2018-7659

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file...

5.4CVSS5.8AI score0.00545EPSS
Exploits1References1
Rows per page
Query Builder