114 matches found
CVE-2021-40092
A cross-site scripting XSS vulnerability in Image Tile in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via an SVG file...
CVE-2021-40092
The CVE-2021-40092 entry describes a cross-site scripting (XSS) vulnerability in the Image Tile feature of SquaredUp for SCOM 5.2.1.6654. The issue allows remote attackers to inject arbitrary web script or HTML via an SVG file. Connected sources corroborate the same description across multiple fe...
Squaredup 跨站脚本漏洞
A cross-site scripting vulnerability exists in Squaredup for SCOM version 5.2.1.6654, which could be exploited by remote attackers to inject malicious code into a user's device...
Squaredup 跨站脚本漏洞
A cross-site scripting vulnerability exists in the integration configuration of SquaredUp for SCOM version 5.2.1.6654, which could be exploited by remote attackers to inject arbitrary web script or HTML via an authorized URL in certain integration configurations. authorized URL in some integratio...
Squaredup安全漏洞
Squaredup is a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments. a file inclusion vulnerability in the download logging functionality in SquaredUp for SCOM version 5.2.1.6654 System/Maintenance could be exploited to read arbitrary files on the server...
SquaredUp跨站脚本漏洞
A cross-site scripting vulnerability exists in the integration configuration of SquaredUp for SCOM version 5.2.1.6654, which could be exploited by remote attackers to inject arbitrary web scripts or HTML...
Squaredup 跨站脚本漏洞
Squaredup is a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments. a cross-site scripting vulnerability exists in Image Tile in SquaredUp for SCOM version 5.2.1.6654, which can be exploited by remote attackers to inject arbitrary Web scripts or HTML...
CVE-2021-40091
An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654...
CVE-2021-40091
An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654...
Server side request forgery (ssrf)
An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654...
CVE-2021-40091
CVE-2021-40091 describes an SSRF vulnerability in SquaredUp for SCOM 5.2.1.6654 . The affected product is SquaredUp for SCOM; the root cause is an SSRF issue. Impact details from the entry include high severity with network attack vector and low attack complexity, with both confidentiality, integ...
CVE-2021-40091
An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654...
Squaredup 代码问题漏洞
Squaredup is a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments. SSRF vulnerabilities exist in SquaredUp for SCOM, and no detailed vulnerability details are available...
Squaredup Cross-Site Scripting Vulnerability
Squaredup is a web service from Squaredup UK that provides data monitoring capabilities for cloud environments. A cross-site scripting vulnerability exists in SquaredUp versions prior to 4.6.0, which can be exploited by a user to create a dashboard, execute malicious content in an iframe, or uplo...
SquaredUp Cross-Site Request Forgery Vulnerability
Squaredup is a web service from Squaredup UK that provides data monitoring capabilities for cloud environments. A cross-site request forgery vulnerability exists in SquaredUp versions prior to 4.6.0, which can be exploited by an attacker to execute arbitrary code...
Squaredup has an unspecified vulnerability
Squaredup, a Web service from Squaredup UK that provides data monitoring capabilities for cloud environments, has a security vulnerability that could be exploited by attackers to guess a valid user name...
CVE-2020-9389
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionality was implemented in a way that would enable a malicious user to guess valid username due to a different response time from invalid usernames...
CVE-2020-9390
SquaredUp allowed Stored XSS before version 4.6.0. A user was able to create a dashboard that executed malicious content in iframe or by uploading an SVG that contained a script...
CVE-2020-9389
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionality was implemented in a way that would enable a malicious user to guess valid username due to a different response time from invalid usernames...
CVE-2020-9388
CSRF protection was not present in SquaredUp before version 4.6.0. A CSRF attack could have been possible by an administrator executing arbitrary code in a HTML dashboard tile via a crafted HTML page, or by uploading a malicious SVG payload into a dashboard...