CVE-2020-6372

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

PT-2024-9939 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: A DOM-based Cross-Site Scripting XSS issue affects Adobe Experience Manager, allowing an attacker to execute arbitrary code in the context of the victim's browser session. This...

Improper Name Validation in Upload Document Form

Description The name of any uploaded document can be manipulated using the destination parameter, to include new line characters in its name, breaking the execution of JS code in "New Documents" section from "Miscellaneous" menu, that will be blank until the document is removed from DB. Proof of...

CVE-2022-32241

When a user opens manipulated Portable Document Format .pdf, PDFView.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...