3 matches found
CVE-2022-1318
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...
osTicket < 1.16.6, 1.17.x < 1.17.3 Multiple XSS Vulnerabilities
osTicket is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2022-1318
CVE-2022-1318 affects Hills ComNav, v3002-19, with an inadequate encryption strength: local-network traffic on configuration pages is observable, and packet sizes are predictable, allowing an observer to learn system state even when traffic is encrypted. The underlying issue is described as a wea...