3 matches found
bibliotheque.museereattu.arles.fr Cross Site Scripting vulnerability OBB-3900590
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ArcGIS for Server Vulnerability Disclosure
Product: ArcGIS for Server Vendor: ESRI Vulnerable Version: 10.1.1 Tested Version: 10.1.1 Vendor Notification: June 19, 2014 Public Disclosure: August 15, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5121 Risk Level: Medium CVSSv2 Base Score: 4.3...
CVE-2014-5122
CVE-2014-5122 is an Open Redirect vulnerability in ESRI ArcGIS for Server 10.1.1. A crafted login URL can redirect the user’s browser to an attacker-controlled site via an unspecified parameter, enabling phishing-like redirections. The vulnerability is documented in the ArcGIS for Server disclosu...