14 matches found
CVE-2019-11651
Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web reques...
EUVD-2017-16446
Malware in sbrugna...
EUVD-2017-16448
Malware in sbrugna...
EUVD-2017-16447
Malware in sbrugna...
CVE-2019-11651
Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web reques...
Null pointer dereference
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server aka Enterprise Server Administration web UI in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2 causes a null pointer...
CVE-2018-12469
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server aka Enterprise Server Administration web UI in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2 causes a null pointer...
Micro Focus Enterprise Developer and Enterprise Server Cross-Site Scripting Vulnerability
Micro Focus Enterprise Developer and Enterprise Server are both products of Micro Focus, a British company.Micro Focus Enterprise Developer is a set of integrated development environments for the mainframe.Enterprise Server is a production deployment platform for mainframe programs. Enterprise...
Path traversal
A Path Traversal CWE-22 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if this component is...
CVE-2017-7422
Reflected and stored Cross-Site Scripting XSS, CWE-79 vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms CWE-693 and other...
CVE-2017-7420
An Authentication Bypass CWE-287 vulnerability in ESMAC aka Enterprise Server Monitor and Control in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to view and alter...
CVE-2017-7423
A Cross-Site Request Forgery CWE-352 vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to forge requests, if this component is configured. This includes...
CVE-2017-7421
CVE-2017-7421 describes Reflected and stored XSS (CWE-79) in Micro Focus Enterprise Developer/Enterprise Server, affecting Directory Server (Enterprise Server Administration web UI) and ESMAC. Impacted products: Micro Focus Enterprise Developer and Enterprise Server ≤ 2.3, including 2.3 Update 1 ...
CVE-2017-5187
A Cross-Site Request Forgery CWE-352 vulnerability in Directory Server aka Enterprise Server Administration web UI in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated attackers to...