EUVD-2017-16562

Malware in sbrugna...

EUVD-2017-16560

Malware in sbrugna...

CVE-2017-7552

A flaw was discovered in the file editor of millicore which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation...

CVE-2017-7554

A flaw was found where the App Studio component of RHMAP 4.4 executes javascript provided by a user. An attacker could use this flaw to execute a stored XSS attack on an application administrator using App Studio...

Cross-site Scripting (XSS)

RHMAP is vulnerable to cross-site-scripting XSS attacks. An attacker could exploit a flaw in the App Studio component which allows an attacker to use this flaw to execute a stored XSS attack on an application administrator using App Studio...

Privilege Escalation

RHMAP file editor is vulnerable to privilege escalation attacks. An attacker could manipulate the file editor of millicore with an unknown input in order to gain elevated privileges. The attacker may then be able to perform unauthorized actions...

Moderate: Red Hat Security Advisory: Red Hat Mobile Application Platform 4.6.0 Release - Container Images

Red Hat Mobile Application Platform 4.6.0 Release - Container Images Red Hat Mobile Application Platform RHMAP 4.6.0 consists of three main components: Core - development and management of apps occurs in the RHMAP Core, which can be installed either in an on-premise installation of OpenShift...

CVE-2017-7554

It was found that the App Studio component of RHMAP 4.4 executes javascript provided by a user. An attacker could use this flaw to execute a stored XSS attack on an application administrator using App Studio...

CVE-2017-7552

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

Cross site scripting

It was found that the App Studio component of RHMAP 4.4 executes javascript provided by a user. An attacker could use this flaw to execute a stored XSS attack on an application administrator using App Studio...

Design/Logic Flaw

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

CVE-2017-7552

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

CVE-2017-7554

It was found that the App Studio component of RHMAP 4.4 executes javascript provided by a user. An attacker could use this flaw to execute a stored XSS attack on an application administrator using App Studio...

CVE-2017-7554

CVE-2017-7554 affects Red Hat Mobile Application Platform (RHMAP) App Studio 4.4, where the App Studio component executes JavaScript provided by a user, enabling stored XSS against an application administrator. The cited Red Hat advisories and related feeds confirm this vulnerability type and imp...

CVE-2017-7552

CVE-2017-7552 affects the Red Hat Mobile Application Platform (RHMAP) file editor (millicore). The flaw, in affected versions before 3.19.0 and 4.x before 4.5.0, allows files to be executed as well as created, enabling an attacker to compromise other users’ or teams’ projects stored in source con...

RHMAP Millicore IDE allows RCE on SCM

A flaw was discovered in the file editor of millicore which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation...

Important: Red Hat Security Advisory: Red Hat Mobile Application Platform security update

An update is now available for Red Hat Mobile Application Platform 4.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...