79 matches found
CVE-2020-7381
In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Securit...
CVE-2020-5346
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5346
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
Cross site scripting
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5346
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5346
The CVE-2020-5346 issue affects RSA Authentication Manager versions prior to 8.4 P11, where a stored cross-site scripting vulnerability exists in the Security Console. A privileged Security Console administrator can store arbitrary HTML/JavaScript through the web interface, potentially executing ...
EMC RSA Authentication Manager < 8.4 P10 Multiple Vulnerabilites (DSA-2020-052)
The version of EMC RSA Authentication Manager running on the remote host is prior to 8.4 Patch 10. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists in Security Console due to improper validation of user-supplied input before returning it to...
CVE-2020-5339
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5340
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5339
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5340
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
Cross site scripting
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
Cross site scripting
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5340
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
CVE-2020-5340
RSA Authentication Manager before 8.4 P10 is affected by a stored cross-site scripting (XSS) vulnerability in the Security Console. An authenticated, advanced-privilege Security Console administrator can inject arbitrary HTML/JavaScript via the Security Console web interface, and when other admin...
CVE-2020-5339
RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator with advanced privileges could exploit this vulnerability to store arbitrary HTML or JavaScript...
PT-2020-18413 · Rsa · Emc Rsa Authentication Manager
Name of the Vulnerable Software and Affected Versions: RSA Authentication Manager versions prior to 8.4 P10 Description: The issue concerns a stored cross-site scripting vulnerability in the Security Console of RSA Authentication Manager. A malicious administrator with advanced privileges could...
PT-2020-18414 · Rsa · Emc Rsa Authentication Manager
Name of the Vulnerable Software and Affected Versions: RSA Authentication Manager versions prior to 8.4 P10 Description: The issue concerns a stored cross-site scripting vulnerability in the Security Console of RSA Authentication Manager. A malicious administrator with advanced privileges could...
EMC RSA Authentication Manager < 8.4 Patch 8 XSS (DSA-2019-168)
The version of EMC RSA Authentication Manager running on the remote host is prior to 8.4 Patch 8 8.4.0.8. It is, therefore affected by a stored cross-site scripting vulnerability in the Security Console. A malicious, authenticated, remote Security Console administrator can exploit this...
CVE-2019-18574
RSA Authentication Manager software versions prior to 8.4 P8 contain a stored cross-site scripting vulnerability in the Security Console. A malicious Security Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface which could th...