12 matches found
EUVD-2018-18085
Malware in sbrugna...
EUVD-2018-17950
Malware in sbrugna...
Design/Logic Flaw
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
Open redirect
F-Secure Radar on-premises before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login...
CVE-2018-6324
F-Secure Radar on-premises before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login...
CVE-2018-6189
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
CVE-2018-6189
F-Secure Radar on-premises before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue...
CVE-2018-6189
CVE-2018-6189 affects F-Secure Radar (on-premises) prior to 2018-02-15, enabling a cross-site scripting (XSS) vulnerability via the Tags parameter in the JSON body of an outbound request to /api/latest/vulnerabilityscans/tags/batch. The issue is described as a “suggested metadata tags for assets”...
CVE-2018-6324
CVE-2018-6324 affects F-Secure Radar (on-premises) prior to 2018-02-15, with an unvalidated redirect via the ReturnUrl parameter that occurs after login. The impact is described as an open redirect; the user is redirected to a user-controlled destination, potentially leading to phishing or credent...
F-Secure Radar Cross Site Scripting
F-Secure Radar Persistent Cross-Site Scripting Vulnerability CVE-2018-6189 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6189 Summary The application can suggest metadata tags for assets, and in doing so it can execute JavaScript entered previously by a malicious user. Vendor Description...
F-Secure Radar Open Redirect
F-Secure Radar Login Page Unvalidated Redirect Vulnerability CVE-2018-6324 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6324 Summary The application will upon successfully logging in redirect the user to a user-controlled destination. A victim user may not recognise that a redirection take...
Vulnerability Management for Network Perimeter
The network perimeter is like a door to your organization. It is accessible to everyone, and vulnerability exploitation does not require any human interaction, unlike, for example, phishing attacks. A potential attacker can automate most of their actions when searching for an easy target. It's important not t...