7 matches found
Xxe
ASG technologies A Rocket Software Company ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity XXE...
CVE-2021-45026
The CVE-2021-45026 entry concerns ASG-Zena Cross Platform Server Enterprise Edition 4.2.1, where multiple sources describe a Cross Site Scripting (XSS) vulnerability in the Web UI (ClientManager/Webconfig) arising from insufficient input filtering/escaping. Public records identify this as a store...
CVE-2021-45025
ASG technologies A Rocket Software Company ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie...
CVE-2021-45024
CVE-2021-45024 affects ASG-Zena Cross Platform Server Enterprise Edition 4.2.1. The connected documents describe an XML External Entity (XXE) vulnerability in the XML import handling that can lead to SSRF and data exfiltration via the server (endpoints such as oc_main/zenaweb/scheduler/operation)...
PT-2022-12290 · Asg · Asg-Zena Cross Platform Server Enterprise Edition
Name of the Vulnerable Software and Affected Versions: ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1 Description: The issue concerns an XML External Entity XXE problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world...
PT-2022-12292 · Asg · Asg-Zena Cross Platform Server Enterprise Edition
Name of the Vulnerable Software and Affected Versions: ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1 Description: The issue is related to Cross Site Scripting XSS. No information is provided about the estimated number of potentially affected devices worldwide or real-world...
ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 跨站脚本漏洞
ASG technologies ASG-Zena Cross Platform Server Enterprise Edition is a modern multi-platform workload automation solution from ASG technologies, Inc. A cross-site scripting vulnerability exists in ASG technologies ASG-Zena Cross Platform Server Enterprise Edition version 4.2.1, which stems from...