12 matches found

NVD
added 2023/07/26 6:15 a.m. | 14 views

CVE-2023-3946

A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...

CVSS 6.1 | AI score 5.6 | EPSS 0.00345
Exploits: 0 | References: 1

Vulnrichment
added 2023/07/26 5:10 a.m. | 19 views

CVE-2023-3946

A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...

CVSS 5.4 | AI score 5.6 | EPSS 0.00345
Exploits: 0 | References: 1

Tenable Nessus
added 2023/03/14 12:00 a.m. | 23 views

Atlassian Jira 8.0.0 < 8.0.4 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.0 prior to 7.13.4, 8.0.0 prior to 8.0.4 or 8.1.0 prior to 8.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers w...

CVSS 8.1 | AI score 6.5 | EPSS 0.93718
Exploits: 2 | References: 6

Prion
added 2022/10/18 10:15 a.m. | 19 views

Cross site scripting

A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...

CVSS 5.8 | AI score 5.9 | EPSS 0.00644
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2022/03/23 3:15 p.m. | 15 views

CVE-2022-0857

A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to...

CVSS 6.1 | EPSS 0.00206
Exploits: 0 | References: 1

Cvelist
added 2022/03/23 2:20 p.m. | 15 views

CVE-2022-0858 Cross-site scripting vulnerability in ePO

A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to limited abilit...

CVSS 4.3 | AI score 5.2 | EPSS 0.00216
Exploits: 0 | References: 1

Cvelist
added 2022/03/23 2:15 p.m. | 12 views

CVE-2022-0857 ePO Reflected Cross-site scripting vulnerability

A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to...

CVSS 5.4 | AI score 6.2 | EPSS 0.00206
Exploits: 0 | References: 1

Prion
added 2020/11/12 12:15 a.m. | 10 views

Information disclosure

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacke...

CVSS 5.1 | AI score 7.3 | EPSS 0.00915
Exploits: 0 | References: 1 | Affected Software: 1

Prion
added 2020/03/17 3:15 a.m. | 16 views

Improper access control

The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.1, and from version 7.1.0 before version 7.1.3 allows remote attackers who have...

CVSS 4 | AI score 5.1 | EPSS 0.00198
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2019/05/22 6:29 p.m. | 17 views

Improper access control

The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to...

CVSS 6.8 | AI score 8 | EPSS 0.00573
Exploits: 0 | References: 2 | Affected Software: 2

Nmap
added 2013/07/15 4:40 p.m. | 155 views

http-adobe-coldfusion-apsa1301 NSE Script

Attempts to exploit an authentication bypass vulnerability in Adobe Coldfusion servers to retrieve a valid administrator's session cookie. Reference: APSA13-01: See also: http-coldfusion-subzero.nse http-vuln-cve2009-3960.nse http-vuln-cve2010-2861.nse Script Arguments...

CVSS 10 | AI score 0.1 | EPSS 0.94176
Exploits: 33

Packet Storm
added 2006/02/14 12:00 a.m. | 27 views

EV0064.txt

New eVuln Advisory: Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities http://evuln.com/vulns/64/summary.html --------------------Summary---------------- eVuln ID: EV0064 CVE: CVE-2006-0627 Vendor: 3.0 2.0 2.0a Software: Clever Copy V3 Software's Web Site:...

CVSS 4.3 | AI score 6.7 | EPSS 0.00622
Exploits: 2