CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CNVD•added 2018/10/10 12:0 a.m.•2 views

Claromentis Discuss Cross-Site Scripting Vulnerability

Claromentis is a digital work solution. discuss is one of the internal chat modules. A cross-site scripting vulnerability exists in Claromentis version 8.2.2 in Discuss version 1.2.1. A remote attacker could exploit the vulnerability to hijack a session and collect domain credentials...

5.4CVSS5.3AI score0.00437EPSS

Exploits3References1

NVD•added 2018/10/08 5:29 p.m.•9 views

CVE-2018-15903

The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to stored Cross Site Scripting XSS. An authenticated attacker will be able to place malicious JavaScript in the discussion forum, which is present in the login landing page. A low privilege user can use this to steal the session cookies...

5.4CVSS5.2AI score0.00437EPSS

Exploits3References1

Prion•added 2018/10/08 5:29 p.m.•9 views

Cross site scripting

3.5CVSS5.1AI score0.00437EPSS

Exploits3References1Affected Software1

OSV•added 2018/10/08 5:29 p.m.•1 views

CVE-2018-15903

5.4CVSS5.8AI score

Exploits0References1

CVE•added 2018/10/08 5:0 p.m.•38 views

CVE-2018-15903

The CVE-2018-15903 vulnerability affects Claromentis Discuss v1.2.1 integrated in Claromentis 8.2.2. It is a stored XSS in the Discuss module that an authenticated, low-privilege user can exploit via the discussion forum on the login landing page to steal high-privilege cookies and hijack an elev...

5.4CVSS5.1AI score0.00437EPSS

Exploits3References1Affected Software1

Cvelist•added 2018/10/08 5:0 p.m.•13 views

CVE-2018-15903

5.2AI score0.00437EPSS

Exploits3References1

0day.today•added 2018/10/06 12:0 a.m.•42 views

Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Issue: Stored Cross site Scripting XSS on Discuss Module v1.2.1 in Claromentis intranet application Reserved CVE: CVE-2018-15903 Vulnerability OverviewThe Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to Stored Cross Site Scripting...

0.00437EPSS

Exploits3

Packet Storm•added 2018/10/05 12:0 a.m.•34 views

Claromentis Discuss 1.2.1 Cross Site Scripting

Issue: Stored Cross site Scripting XSS on Discuss Module v1.2.1 in Claromentis intranet application Reserved CVE: CVE-2018-15903 Vulnerability OverviewThe Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to Stored Cross Site Scripting XSS. An authenticated attacker is able to place...

5.6AI score0.00437EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by