Lucene search
K

4 matches found

Debian
Debian
added 2019/12/14 5:43 a.m.124 views

[SECURITY] [DLA 2034-1] davical security update

Package : davical Version : 1.1.3.1-1+deb8u1 CVE ID : CVE-2019-18345 CVE-2019-18346 CVE-2019-18347 Debian Bug : 946343 Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server. For Debian 8 "Jessie", these problems have been fixed in version...

9.3CVSS6.7AI score0.02242EPSS
Exploits6
Debian
Debian
added 2019/12/13 7:33 p.m.118 views

[SECURITY] [DSA 4582-1] davical security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4582-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 13, 2019 https://www.debian.org/security/faq -...

9.3CVSS8AI score0.02242EPSS
Exploits6
UbuntuCve
UbuntuCve
added 2019/12/04 6:15 p.m.21 views

CVE-2019-18347

A stored XSS issue was discovered in DAViCal through 1.1.8. It does not adequately sanitize output of various fields that can be set by unprivileged users, making it possible for JavaScript stored in those fields to be executed by another possibly privileged user. Affected database fields include...

5.4CVSS6AI score0.01134EPSS
Exploits4References4
CVE
CVE
added 2019/12/04 5:22 p.m.77 views

CVE-2019-18347

DAViCal CalDAV Server (up to version 1.1.8) is affected by CVE-2019-18347 due to insufficient sanitization of unprivileged-set output fields (Username, Display Name, Email), enabling stored XSS that can execute JavaScript for another user. The issue is documented across multiple advisories; Debia...

5.4CVSS6.6AI score0.01134EPSS
Exploits4References10Affected Software1
Rows per page
Query Builder