EUVD-2016-5334

Malware in sbrugna...

EUVD-2018-17527

Malware in sbrugna...

Malicious code in jive-styling-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a59989394c92f8fba37cb005d3969162434ceead403efd05bcb866970e799795 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4034 Malicious code in jive-styling-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a59989394c92f8fba37cb005d3969162434ceead403efd05bcb866970e799795 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Server side request forgery (ssrf)

An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System before 7.20.x and in other products. An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394...

CVE-2021-45968

An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System before 7.20.x and in other products. An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394...

CVE-2018-5758

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files...

Xxe

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files...

CVE-2018-5758

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files...

CVE-2018-5758

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files...

CVE-2018-5758

Summary: CVE-2018-5758 affects Aurea Jive Jive-n 9.0.2.1 On-Premises. The vulnerability arises in the Upload File functionality (upload.jspa), enabling an XML External Entity (XXE) attack via a crafted file to read arbitrary files. The provided sources consistently describe the flaw as an XXE in ...

XML External Entity Injection in Jive-n (CVE-2018-5758)

The post XML External Entity Injection in Jive-n CVE-2018-5758 appeared first on Rhino Security Labs...

Aurea Jive Jive-n Arbitrary File Read Vulnerability

Aurea Jive Jive-n is a suite of enterprise collaboration solutions from Aurea USA. The solution is capable of supporting and hosting a number of different systems, devices and tools. A security vulnerability exists in the file upload functionality of the upload.jspa file in Aurea Jive Jive-n...

Jive Open Redirect Vulnerability

Jive is a suite of enterprise collaboration solutions from Jive, Inc. The solution is capable of supporting and hosting a number of different systems, devices and tools. An open redirection vulnerability exists in versions of Jive prior to 2016.3.1. An attacker can exploit this vulnerability to...

CVE-2016-4334

Jive before 2016.3.1 has an open redirect from the external-link.jspa page...

CVE-2016-4334

Jive before 2016.3.1 has an open redirect from the external-link.jspa page...

Open redirect

Jive before 2016.3.1 has an open redirect from the external-link.jspa page...

CVE-2016-4334

Jive before 2016.3.1 has an open redirect from the external-link.jspa page...

CVE-2016-4334

CVE-2016-4334 affects Jive prior to 2016.3.1, which contains an open redirect vulnerability on the external-link.jspa page. The root cause is an open redirect in that page, enabling redirection to a potentially malicious site. The impact is limited to user redirection, with no data disclosure des...

Jive Forums Directory Traversal Vulnerability

Jive Forums is a recognized online community. A directory traversal vulnerability exists in Jive Forums version 5.5.25 and earlier. An attacker can exploit ... /... / / jump to access system files outside of the web directory...