2 matches found
PT-2026-28729
Name of the Vulnerable Software and Affected Versions elecV2 versions up to 3.8.3 Description A flaw exists in elecV2, specifically within the Endpoint component. Manipulation of the filename argument in a function related to the /logs file can lead to cross-site scripting. This issue is...
CVE-2016-4949
Cloudera Manager 5.5 and earlier allows remote attackers to obtain sensitive information via a 1 stderr.log or 2 stdout.log value in the filename parameter to /cmf/process//logs...