15 matches found
Microsoft Graph Enterprise Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...
EUVD-2022-37277
Malicious code in bioql PyPI...
Intel AI for Enterprise Retrieval-augmented Generation 代码问题漏洞
Intel AI for Enterprise Retrieval-augmented Generation is a technology framework for enhancing the accuracy and relevance of Large Language Model LLM responses by incorporating an external knowledge base. An uncontrolled search path vulnerability exists in Intel AI for Enterprise...
CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
Cross site scripting
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
PT-2023-13357 · Sage · Sage Enterprise Intelligence
Name of the Vulnerable Software and Affected Versions: Sage Enterprise Intelligence version 2021 R1.1 Description: Multiple XSS issues were discovered that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerabl...
Sage Enterprise Intelligence 跨站脚本漏洞
Sage Enterprise Intelligence is a fully integrated business intelligence and data management solution from Sage UK. A security vulnerability exists in Sage Enterprise Intelligence version 2021 R1.1, which stems from the presence of stored XSS that allows an attacker to send a malicious notificati...
CVE-2022-34322
CVE-2022-34322 : Sage Enterprise Intelligence 2021 R1.1 contains multiple XSS bugs. One stored XSS via the Notify Users About Modification/Notifications features allows an authenticated attacker to execute JavaScript in other users’ browsers; also a self-XSS exists in the Favorites tab where a na...
CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
CVE-2022-34322
Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification me...
Reflected Cross-Site Scripting Vulnerability in the usbkey_Serial Parameter of the Enterprise Intelligence Network Management System
Enterprise Intelligence products are intranet management expert services. A reflective cross-site scripting vulnerability exists in the usbkeySerial parameter of the Enterprise Intelligence network management system. It allows an attacker to construct an XSS statement to directly trigger a pop-up...
Multiple File Containment Vulnerabilities in Enterprise Intelligence Series Internet Behavior Management Appliances
Enterprise Intelligence series of Internet behavior management equipment is dedicated to preventing the malicious dissemination of illegal information, avoiding the leakage of state secrets, business information and scientific research results; and real-time monitoring and management of network...
SQL Injection Vulnerability in Enterprise Intelligence's Network Office Management Expert System
Network Office Management Expert System is a network office system with a great deal of specialized knowledge. A SQL injection vulnerability exists in the Network Office Management Specialist System, which is owned by Enterprise Intelligence. It allows attackers to exploit the vulnerability to ga...