3 matches found
CVE-2015-7706
SSP EUROPE Secure Data Space SDS-API (pre-3.5.7) contains multiple XSS flaws exploitable via (1) PATH_INFO to api/v3/public/shares/downloads/, (2) authType in api/v3/auth/login, and (3) login in api/v3/auth/reset_password. Impact: possible injection of arbitrary script/HTML. Mitigation: upgrade t...
Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability
Secure Data Space version 3.1.1-2 suffers from a cross site scripting vulnerability. Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site ScriptingCWE-79 Date found: 2015-09-30 Date published...
Secure Data Space 3.1.1-2 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 secunet Security Networks AG Security Advisory Advisory: SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site...