13 matches found
CVE-2020-24592
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization...
CVE-2020-24693
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization...
EUVD-2020-17407
Malware in sbrugna...
EUVD-2020-26910
Malware in sbrugna...
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...
CVE-2020-5749
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted group...
CVE-2020-5750
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...
CVE-2020-5748
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting XSS attacks via the self-registration feature...
CVE-2020-24592
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization...
CVE-2020-5769
Teltonika TRB2 firmware TRB2_R_00.02.02 contains insufficient output sanitization in the WEB application, enabling a remote, authenticated attacker to perform persistent cross-site scripting by injecting malicious client-side code into the DATA TO SERVER fields (URL/Host/Connection). Affected: Te...
CVE-2020-5748
CVE-2020-5748 affects Tecnick.com TCExam, specifically version 14.2.2, with a vulnerability in the self-registration flow due to insufficient output sanitization that enables a remote, unauthenticated attacker to perform persistent cross-site scripting (XSS). The connected sources corroborate a c...
Cross site scripting
Insufficient output sanitization in the Automic Web Interface AWI, in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting XSS attacks via a crafted object...