11 matches found
CVE-2019-16017
A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...
CVE-2019-16017
A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...
CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability
A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...
CVE-2019-16017
CVE-2019-16017 affects Cisco Unified CVP OAMP OpsConsole Server. The issue arises from insufficient input validation on specific OAMP pages, allowing an authenticated attacker to perform Insecure Direct Object Reference actions. Impact in documented details includes information disclosure beyond ...
CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability
A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...
Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability
A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...
CVE-2017-12214
CVE-2017-12214 describes an elevation-of-privilege flaw in the Cisco Unified CVP OAMP credential reset, arising from insufficient input validation. An authenticated, remote attacker could exploit a crafted HTTP request to gain administrator privileges on CVP systems running 10.5, 11.0, or 11.5. E...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
CVE-2009-4505
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
CVE-2009-4505
CVE-2009-4505 concerns the OpenCMS OAMP Comments Module (v1.0.0). The vulnerability arises from unfiltered user input being reflected in comments, enabling cross-site scripting (XSS) across visitors. The Compass Security advisory details exploitability and shows the impact as potential impersonat...
CVE-2009-4505 OpenCMS OAMP Comments Module XSS
COMPASS SECURITY ADVISORY http://www.csnc.ch/ CVE ID : CVE-2009-4505 Product: OpenCMS OAMP Comments Module Vendor: Open Source, Alkacon GmbH Cologne, Germany Subject: Cross-site scripting XSS Risk: High Effect: Anonymously exploitable Author: Cyrill Brunschwiler [email protected] Date:...