2 matches found
CVE-2026-5015 elecV2 elecV2P Endpoint logs cross site scripting
A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. This manipulation of the argument filename causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2021-42853
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a...