4 matches found
CVE-2015-7706
Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...
CVE-2015-7706
SSP EUROPE Secure Data Space SDS-API (pre-3.5.7) contains multiple XSS flaws exploitable via (1) PATH_INFO to api/v3/public/shares/downloads/, (2) authType in api/v3/auth/login, and (3) login in api/v3/auth/reset_password. Impact: possible injection of arbitrary script/HTML. Mitigation: upgrade t...
Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability
Secure Data Space version 3.1.1-2 suffers from a cross site scripting vulnerability. Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site ScriptingCWE-79 Date found: 2015-09-30 Date published...