90 matches found
CVE-2008-1202
Cross-site scripting XSS vulnerability in the web management interface in Adobe LiveCycle Workflow 6.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
Advisory Adobe LiveCycle Workflow XSS Vulnerability
Summary Name: Adobe LiveCycle Workflow XSS Vulnerability Release Date: 11 March 2008 Reference: LSD002-2008 CVE Number: CVE-2008-1202 Discover: Dave Lewis Vendor: Adobe Systems Product: LiveCycle Workflow 6.2 Management Web Interface Systems Affected: version 6.2 as tested NB. Other versions may ...
Adobe LiveCycle Workflow crossite scripting
Crossite scripting with web management page...
CVE-2008-1202
The CVE-2008-1202 case concerns Adobe LiveCycle Workflow 6.2, where the Web Management Login Page fails to properly sanitize input, enabling cross-site scripting (XSS) via unknown vectors. This vulnerability could allow an attacker to inject arbitrary HTML/script into a user’s browser session on ...
Authentication flaw
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system...
CVE-2006-1628
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system...
CVE-2006-1628
Affected software : Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01. Vulnerability : an authentication flaw where accounts marked as OBSOLETE can still authenticate and perform privileged actions. Root cause : mismatch in account state vs. authentication/authorization in the authen...
CVE-2006-1628
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system...
Adobe LiveCycle security restrictiions bypass
User marked as OBSOLETE can access server...
[SA19620] Adobe LiveCycle "OBSOLETE" User Information Disclosure
TITLE: Adobe LiveCycle "OBSOLETE" User Information Disclosure SECUNIA ADVISORY ID: SA19620 VERIFY ADVISORY: http://secunia.com/advisories/19620/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Adobe LiveCycle Workflow 7.x http://secunia.com/product/9339/ Adobe LiveCyc...