EUVD-2015-7607

Malware in sbrugna...

SSP EUROPE Secure Data Space SDS-API Cross-Site Scripting Vulnerability

SSP EUROPE Secure Data Space is a secure cross-platform enterprise cloud storage solution from SSP EUROPE, Germany. The solution supports the storage, synchronization, distribution and management of sensitive data, and SDS-API is one of the core infrastructure components that can be communicated...

CVE-2015-7706

Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...

CVE-2015-7706

SSP EUROPE Secure Data Space SDS-API (pre-3.5.7) contains multiple XSS flaws exploitable via (1) PATH_INFO to api/v3/public/shares/downloads/, (2) authType in api/v3/auth/login, and (3) login in api/v3/auth/reset_password. Impact: possible injection of arbitrary script/HTML. Mitigation: upgrade t...

CVE-2015-7706

Multiple cross-site scripting XSS vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to api/v3/public/shares/downloads/, the 2 authType parameter to api/v3/auth/login, or the 3 login parameter to...

Secure Data Space 3.1.1-2 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 secunet Security Networks AG Security Advisory Advisory: SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site...