EUVD-2019-16555

Malware in sbrugna...

CVE-2019-7004

A Cross-Site Scripting XSS vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported versions, were not...

Cross site scripting

A Cross-Site Scripting XSS vulnerability in the WebUI component of IP Office Application Server could allow unauthorized code execution and potentially disclose sensitive information. All product versions 11.x are affected. Product versions prior to 11.0, including unsupported versions, were not...

CVE-2019-7004

Avaya IP Office Application Server 11.x WebUI is vulnerable to Cross-Site Scripting (XSS) in the login page (via POST) due to improper input sanitization. Exploitation exists (POST username) and could execute arbitrary JavaScript in a user’s browser. Affected versions include 11.x up to 11.0 FP4 ...

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...