Lucene search
K

5 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

SpagoBI 4.0 - Persistent HTML Script Insertion

No description provided by source. 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability...

4.3CVSS6.5AI score0.03223EPSS
Exploits7
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.87 views

[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0

Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...

4.3CVSS0.03223EPSS
Exploits7
CVE
CVE
added 2014/03/07 8:0 p.m.45 views

CVE-2013-6233

CVE-2013-6233 affects SpagoBI (Open Source BI suite). The vulnerability is a cross-site scripting (XSS) flaw in the input handling of the Description field in the Short document metadata, allowing remote attackers with authentication to inject arbitrary HTML/script. Technical description and advi...

4.3CVSS5.2AI score0.03223EPSS
Exploits7References5Affected Software1
exploitpack
exploitpack
added 2014/03/03 12:0 a.m.89 views

SpagoBI 4.0 - Persistent HTML Script Insertion

SpagoBI 4.0 - Persistent HTML Script Insertion 01. Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02...

4.3CVSS6.4AI score0.03223EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/03/02 12:0 a.m.50 views

SpagoBI 4.0 HTML Injection

Advisory Information Title: Persistent HTML Script Insertion permits offsite-bound forms Date published: 2014-03-01 Date of last update: 2014-03-01 Vendors contacted: Engineering Group Discovered by: Christian Catalano Severity: Medium 02. Vulnerability Information CVE reference: CVE-2013-6233...

4.3CVSS6.5AI score0.03223EPSS
Exploits7
Rows per page
Query Builder