Lucene search
K

7 matches found

Debian CVE
Debian CVE
added 2021/04/30 11:4 a.m.24 views

CVE-2020-1721

A flaw was found in the Key Recovery Authority KRA Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting XSS vulnerability. An attacker could trick an authenticated victim into executing...

6.1CVSS4.8AI score0.00981EPSS
Exploits0
Veracode
Veracode
added 2021/03/17 4:6 a.m.21 views

Cross-Site Scripting (XSS)

pki-core vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Key Recovery Authority KRA Agent Service where it did not properly sanitize the recovery ID during a key recovery request...

6.1CVSS2.2AI score0.00981EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1346)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.87218EPSS
Exploits4References2
Prion
Prion
added 2020/03/20 3:15 p.m.27 views

Cross site scripting

A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing special...

4.3CVSS6.2AI score0.00919EPSS
Exploits0References1Affected Software2
UbuntuCve
UbuntuCve
added 2020/03/20 3:15 p.m.38 views

CVE-2019-10179

A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing special...

6.1CVSS6.3AI score0.00919EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/03/20 1:57 p.m.34 views

CVE-2019-10179

A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing special...

6.1CVSS4.8AI score0.00919EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/03/20 12:0 a.m.16 views

PT-2020-9056 · Pki-Core +3 · Pki-Core +3

Name of the Vulnerable Software and Affected Versions: pki-core versions 10.x.x Description: A vulnerability was found in the Key Recovery Authority KRA Agent Service where it did not properly sanitize the recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. ...

9.8CVSS7AI score0.9927EPSS
Exploits67References158
Rows per page
Query Builder