3 matches found
EMC RSA Authentication Manager < 8.2 SP1 Patch 1 Token Profile Name Stored XSS (ESA-2017-068)
The version of EMC RSA Authentication Manager running on the remote host is prior to 8.2 SP1 Patch 1 8.2.1.1. It is, therefore, affected by a stored cross-site scripting XSS vulnerability due to a failure to validate user-supplied input to names of token profiles before returning them to users. A...
CVE-2017-8000
CVE-2017-8000 – EMC RSA Authentication Manager (8.2 SP1 and earlier) is a stored cross-site scripting vulnerability in token profile names. A malicious RSA Security Console Administrator could craft a token profile and save a name containing an XSS payload, which would be executed in another admi...
RSA Authentication Manager 8.2 SP1 Cross Site Scripting Vulnerability
RSA Authentication Manager versions 8.2 SP1 and below suffer from a stored cross site scripting vulnerability. RSAr Authentication Manager Stored Cross-Site Scripting Vulnerability CVE Identifier: CVE-2017-8000 Severity Rating: CVSSv3: 4.1 AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N Affected Products: RS...