2 matches found
CVE-2018-8652
CVE-2018-8652 describes a cross-site scripting (XSS) vulnerability in Windows Azure Pack Rollup 13.1 where input is not properly sanitized. An authenticated attacker could exploit a crafted payload to execute script in the context of a user visiting the compromised page, potentially reading data,...
Script injection of certain symbols bypass portal UI restrictions in Update Rollup 13 for Windows Azure Pack
Script injection of certain symbols bypass portal UI restrictions in Update Rollup 13 for Windows Azure Pack Symptoms A security vulnerability exists in Update Rollup 13 for Windows Azure Pack WAP that causes script injection of certain symbols to bypass portal UI restrictions. The portal UI...