CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

SysAid 20.4.74 - Cross-Site Scripting

SysAid 20.4.74 contains a reflected cross-site scripting vulnerability via the KeepAlive.jsp stamp parameter. id: CVE-2021-31862 info: name: SysAid 20.4.74 - Cross-Site Scripting author: jas37 severity: medium description: SysAid 20.4.74 contains a reflected cross-site scripting vulnerability via...

6.1CVSS6.2AI score0.03922EPSS

Exploits2References5

OSV•added 2021/10/29 11:15 a.m.•3 views

CVE-2021-31862

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication...

6.1CVSS5.8AI score0.03922EPSS

Exploits2References2

NVD•added 2021/10/29 11:15 a.m.•8 views

CVE-2021-31862

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication...

6.1CVSS0.03922EPSS

Exploits2References2

Prion•added 2021/10/29 11:15 a.m.•17 views

Authentication flaw

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication...

4.3CVSS5.9AI score0.03922EPSS

Exploits2References2Affected Software1

CVE•added 2021/10/29 10:44 a.m.•115 views

CVE-2021-31862

SysAid 20.4.74 contains a reflected Cross-Site Scripting (XSS) vulnerability in the KeepAlive.jsp stamp parameter, exploitable without authentication. Affected: SysAid 20.4.74 and earlier. Root cause: unencoded stamp parameter reflected into the page output. Impact: potentially executing maliciou...

6.1CVSS5.9AI score0.03922EPSS

Exploits2References2Affected Software1

Cvelist•added 2021/10/29 10:44 a.m.•21 views

CVE-2021-31862

SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication...

6.1AI score0.03922EPSS

Exploits2References2

CNNVD•added 2021/10/29 12:0 a.m.•3 views

Sysaid Technologies SysAid 跨站脚本漏洞

Sysaid Technologies SysAid is a suite of IT service management solutions from SysAid Technologies Sysaid Technologies, Israel. A security vulnerability exists in SysAid Technologies SysAid 20.4.74 that allows XSS via the KeepAlive.jsp tag parameter without any authentication...

6.1CVSS6.2AI score0.03922EPSS

Exploits2References2

GithubExploit•added 2021/10/28 7:18 a.m.•184 views

Exploit for Cross-site Scripting in Sysaid

CVE-2021-31862 SysAid 20.4.74 allows reflected XSS via the Ke...

6.1CVSS6.9AI score0.03922EPSS

Exploits2

Prion•added 2021/07/22 12:15 p.m.•13 views

Cross site scripting

SysAid 20.3.64 b14 is affected by Cross Site Scripting XSS via a /KeepAlive.jsp?stamp= URI...

4.3CVSS5.9AI score0.0247EPSS

Exploits1References1Affected Software1

CVE•added 2021/07/22 11:54 a.m.•62 views

CVE-2021-30049

SysAid Technologies 20.3.64 b14 is affected by a Cross‑Site Scripting (XSS) vulnerability exposed via the KeepAlive.jsp?stamp= URI. The issue allows an attacker to inject and execute malicious scripts in the victim’s browser, with potential consequences including session hijacking, defacement, or...

6.1CVSS6AI score0.0247EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/07/22 11:54 a.m.•17 views

CVE-2021-30049

SysAid 20.3.64 b14 is affected by Cross Site Scripting XSS via a /KeepAlive.jsp?stamp= URI...

6.2AI score0.0247EPSS

Exploits1References1

CNNVD•added 2021/07/22 12:0 a.m.•5 views

Sysaid Technologies SysAid 跨站脚本漏洞

Sysaid Technologies SysAid is a suite of IT service management solutions from SysAid Technologies Sysaid Technologies, Israel. A cross-site scripting vulnerability exists in SysAid version 20.3.64 b14, which allows an attacker to trigger an XSS vulnerability via "/KeepAlive.jsp?stamp= URI"...

6.1CVSS5.9AI score0.0247EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by