90 matches found
Identity and Access Management for the Computing Continuum
The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust ZT access control solution that leverages decentralized identification and authentication mechanisms based on Decentralized...
CVE-2020-7480
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...
CVE-2020-7481
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could enable a successful Cross-site Scripting XSS attack when using the products' web server...
CVE-2019-6853
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702 , which could enable a successful Cross-site Scripting XSS attack when using the products web server...
GHSA-7382-FV7P-V9V3 Apache Continuum and Archiva vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the...
Apache Continuum and Archiva vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the...
berkano:bean-displaytag (>=20050615.234814 <=20050616.015551), berkano:berkano-util (>=20050725.114415 <=dev-20050723) +28 more potentially affected by CVE-2007-4556 via opensymphony:xwork (>=1.0.3 <=1.2.2)
opensymphony:xwork MAVEN version =1.0.3, =20050615.234814, =20050725.114415, =2.1.5, =1.1.3, =1.0-alpha-1, =1.1-beta-1, =1.1-beta-1, =1.0-beta-2, =1.0-beta-3 - org.codehaus.jet:jet-web-engine =1.0-beta-2 and more Source cves: CVE-2007-4556 Source advisory: OSV:GHSA-H7MF-QRM9-2848...
careers.continuum.com.s3.adwisetest.nl Cross Site Scripting vulnerability OBB-2478705
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) in Andover Continuum arises from the lack of measures to protect input data. This allows intruders to perform cross-site scripting attacks (XSS).
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation in Andover Continuum is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a remote attacker to perform cross-si...
continuumcarehospiceinc.net Cross Site Scripting vulnerability OBB-1481934
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
continuumcarehospiceinc.net Cross Site Scripting vulnerability OBB-1412500
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
continuumcarehospiceinc.net Cross Site Scripting vulnerability OBB-1374972
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the possibility of interference with XML data processing by the application, allows a intruder to gain access to the files in the application server’s file system.
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation Andover Continuum System is related to the possibility of interference with XML data processing by the application. Exploiting this vulnerability can allow a...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the lack of protection for website structures, allows attackers to execute cross-site scripting attacks (XSS attacks) during the use of web server applications.
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation in Andover Continuum System is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious act...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the lack of protection for website structures, allows attackers to execute cross-site scripting attacks (XSS attacks) during the use of web server applications.
The vulnerability of the building management software managing access control, security systems, video surveillance, and automation in Andover Continuum System is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to...
Andover Continuum Cross-Site Scripting Vulnerability
Andover Continuum is a BACnet building management system from Schneider Electric. A reflected cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to...
Andover Continuum Cross-Site Scripting Vulnerability (CNVD-2020-19526)
Andover Continuum is a BACnet building management system from Schneider Electric. A cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to conduct a...
Andover Continuum Code Injection Vulnerability
Andover Continuum is a BACnet building management system from Schneider Electric. A code injection vulnerability exists in Andover Continuum. The vulnerability stems from improper control over code generation. An attacker could use this vulnerability to read files on the application server file...
Schneider Electric Andover Continuum Cross-Site Scripting Vulnerability
Schneider Electric Andover Continuum is a suite of building automation solutions from the French company Schneider Electric. The product includes features such as heating ventilation and air conditioning and access control. A cross-site scripting vulnerability exists in Schneider Electric Andover...
CVE-2020-7480
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...