EUVD-2020-18830

Malware in sbrugna...

CVE-2020-26205

Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machinelist view...

Spoofing

Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machinelist view...

CVE-2020-26205 XSS in Sal

Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machinelist view...

CVE-2020-26205

CVE-2020-26205 affects Sal, a multi-tenant reporting dashboard for Munki that displays data from Facter. The connected sources describe an XSS vulnerability in the machine_list view present up to Sal version 4.1.6. The vulnerability is surfaced via input that can be reflected into the page, enabl...

Munkireport munki_facts Cross-Site Scripting Vulnerability

Munkireport is a reporting tool for the Munki software management program. munkifacts is one of the custom data modules. A cross-site scripting vulnerability exists in munkifacts in MunkiReport prior to version 1.5. A remote attacker can exploit this vulnerability to inject arbitrary web script o...

Munkireport reportdata SQL Injection Vulnerability

Munkireport is a reporting tool for the Munki software management program. reportdata is one of the widget modules. A SQL injection vulnerability exists in the reportdatacontroller.php file in MunkiReport prior to version 3.5. The vulnerability can be exploited to execute arbitrary SQL commands...

CVE-2020-15881

CVE-2020-15881 affects the munki_facts module (aka Munki Conditions) in MunkiReport, with all versions before 1.5 vulnerable to stored/reflected XSS via the key name. The vulnerability allows remote attackers to inject arbitrary web script or HTML, potentially impacting the web interface and user...