110 matches found
Cross site scripting
In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
F5 Networks BIG-IP : BIG-IP APM XSS vulnerability (K30343902)
A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2020-27726 Impact An attacker can craft a malicious URL and send it to an authenticated user to launch a XSSattack. C...
CVE-2019-7416
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...
CVE-2019-7416
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...
Design/Logic Flaw
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...
CVE-2019-7416
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...
CVE-2019-7416
CVE-2019-7416 affects OpenText Documentum Webtop 5.3 SP2. The vulnerability is in the startat parameter of /webtop/help/en/default.htm, enabling XSS and/or a Client-Side URL Redirect. Public documentation notes this issue and a PoC is referenced in PacketStorm for Webtop 5.3 SP2. CVSS details fro...
OpenText Documentum Webtop 5.3 SP2 Open Redirect
...
CVE-2019-6591
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
CVE-2019-6591
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
Cross site scripting
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
F5 Networks BIG-IP : BIG-IP APM XSS vulnerability (K32840424)
A reflected cross-site scripting XSS vulnerabilityexists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2019-6591 Impact An authenticated attacker may be able to inject malicious content. C Tenable Network Security, Inc. The...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...
CVE-2018-15334
A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...
CVE-2018-15334
A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...
CVE-2018-15334
The CVE-2018-15334 entry affects F5 BIG-IP APM webtop, where a CSRF vulnerability in the APM webtop 11.2.1+ can force a user session logout and require re-authentication. Affected components: BIG-IP APM webtop. Root cause: CSRF allowing session logout. Impact: remote attacker could cause a user t...
CVE-2018-15334
A cross-site request forgery CSRF vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication...
OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability
OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...
OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability (CNVD-2018-07985)
OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...
CVE-2018-7659
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file...