Malicious code in smartsuite-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3f503ab64a15a88463b98540139d7ea61f6e362eb6328a2768419fd1eba57cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6175 Malicious code in smartsuite-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3f503ab64a15a88463b98540139d7ea61f6e362eb6328a2768419fd1eba57cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVE-2012-2293

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path...

CVE-2012-2294

EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page...

Directory traversal

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path...

Cross site scripting

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Code injection

EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page...

CVE-2012-1064

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2292

The CVE-2012-2292 issue affects RSA Archer products: EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x prior to 5.2SP1. Root cause: a misconfigured Silverlight cross-domain policy that does not restrict access to the Archer application, allowing remote attackers to bypass the Same Or...

CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVE-2012-1064

CVE-2012-1064 affects EMC RSA Archer GRC 5.x and SmartSuite Framework 4.x; multiple XSS vulnerabilities allowed remote attackers to inject arbitrary script/HTML via unspecified vectors in affected RSA Archer components. The ESA advisory notes fixes in RSA Archer GRC 5.3 and 5.2SP1 (upgrade to 5.3...

CVE-2012-2293

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path...

CVE-2012-2294

CVE-2012-2294 affects EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x earlier than 5.2SP1. The issue is a clickjacking vulnerability exposed via crafted web pages, allowing remote attackers to entice user actions in a legitimate session. The NVD entry lists a CVSSv2 base score of 6...

CVE-2012-2294

EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page...