Lucene search
K

4 matches found

OSV
OSV
added 2019/05/31 10:29 p.m.14 views

CVE-2019-10049

It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code that is executed in the context of the victim use...

7.3CVSS6.5AI score0.01164EPSS
Exploits3References1
CVE
CVE
added 2019/05/31 9:17 p.m.256 views

CVE-2019-10049

The CVE-2019-10049 entry concerns Pydio Core (versions up to 8.2.2) where a user with regular access can be manipulated into opening a shared file containing JavaScript that runs in the victim’s browser context, enabling leakage of sensitive data (e.g., session identifiers) and actions on behalf ...

7.3CVSS7AI score0.01164EPSS
Exploits3References1Affected Software1
Packet Storm
Packet Storm
added 2019/03/29 12:0 a.m.138 views

Pydio 8 Command Execution / Cross Site Scripting

SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Pydio 8 Multiple Vulnerabilities 1. Advisory Information Title: Pydio 8 Multiple Vulnerabilities Advisory ID: SAUTH-2019-0002 Advisory URL: https://www.secureauth.com/labs/advisories/pydio-8-multiple-vulnerabilities Date published:...

0.1AI score0.03309EPSS
Exploits7
0day.today
0day.today
added 2019/03/29 12:0 a.m.112 views

Pydio 8 Command Execution / Cross Site Scripting Vulnerabilities

Pydio 8 suffers from cross site scripting, command injection, and various other vulnerabilities. Pydio 8 Multiple Vulnerabilities 1. Advisory Information Title: Pydio 8 Multiple Vulnerabilities Advisory ID: SAUTH-2019-0002 Advisory URL:...

6.3AI score0.03309EPSS
Exploits7
Rows per page
Query Builder