3 matches found
CVE-2015-1180-xss-eventsentry
CVE-2015-1180-xss-eventsentry Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in EventSentry Web Reports Interface Affected Software : EventSentry Affected Versions: 3.1.0 and possibly below Vendor Homepage : http://eventsentry.com/ Vulnerability Type :...
CVE-2015-1180
Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...
CVE-2015-1180
EventSentry Web Reports (Web Reports) vulnerability CVE-2015-1180 affects version 3.1.0 (and possibly earlier) where the pageId parameter in the networktile/bullet endpoint is not properly filtered, enabling a reflected XSS via a crafted URL. The core issue is insufficient input sanitization for ...