Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/11/12 12:0 a.m.•33 views

JVN#58407606: Unlimited Sitemap Generator vulnerable to cross-site request forgery

Unlimited Sitemap Generator provided by XML-Sitemaps contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the software Update the software to the latest version according to th...

8.8CVSS8.6AI score0.00507EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/09/10 12:0 a.m.•33 views

JVN#81658818: Multiple vulnerabilities in RevoWorks Browser

RevoWorks Browser provided by J’s Communication Co., Ltd. is a virtual browser which enables internet isolation. It provides the function that enables access to drives, folders, files, and registries under the isolated environment from the local environment when running the web browser. RevoWorks...

9.6CVSS9.9AI score0.01222EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/25 12:0 a.m.•33 views

JVN#42164352: GroupSession fails to restrict access permissions

GroupSession provided by Japan Total System Co.,Ltd. is open source groupware. GroupSession fails to restrict access permissions. Impact An authenticated attacker may obtain other user's senisitive information such as email. Solution Update the Software Update to the latest version according to t...

6.5CVSS6.3AI score0.01343EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/19 12:0 a.m.•33 views

JVN#85512750: Empirical Project Monitor - eXtended vulnerable to cross-site scripting

Empirical Project Monitor - eXtended provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Empirical Project Monitor - eXtended The...

5.4CVSS5.3AI score0.00891EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/10 12:0 a.m.•33 views

JVN#25598952: ​CS-Cart Japanese Edition fails to restrict access permissions

CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition fails to restrict access permissions CWE-425. Impact An unauthenticated remote attacker may create a request of return an item that a consumer has purchased. Solution Update the Software Update to the latest versi...

5.3CVSS5.3AI score0.01174EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/02/03 12:0 a.m.•33 views

JVN#01014759: LaLa Call App for Android fails to verify SSL server certificates

LaLa Call App for Android provided by K-Opticom Corporation fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provid...

5.9CVSS5.5AI score0.00667EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/01/06 12:0 a.m.•33 views

JVN#12124922: WEB SCHEDULE vulnerable to cross-site scripting

WEB SCHEDULE provided by Olive Design contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing the month parameter. Impact An artbitrary script may be executed on the user's web browser. Solution Do not use WEB SCHEDULE WEB SCHEDULE is no longer being developed or...

6.1CVSS6AI score0.0085EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•33 views

JVN#16200242: Cybozu Garoon vulnerable to directory traversal

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a directory traversal vulnerability CWE-22. Impact A user may obtain arbitrary files managed by the product. Solution Update the Software Update to the latest version according to the information provided by the develope...

6.5CVSS6.7AI score0.02525EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/10/03 12:0 a.m.•33 views

JVN#09736331: Cybozu Office vulnerable to information disclosure

Cybozu Office contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in the page...

6.5CVSS6.3AI score0.02023EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/09/23 12:0 a.m.•33 views

JVN#46087986: Multiple plugins for Geeklog IVYWE edition vulnerable to cross-site scripting

Geeklog is an open source content management system CMS. The Geeklog IVYWE edition plugins Assist, dataBox, and userBox each contain a cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the web browser of a user who is logged on as an administrator. Solution...

6.1CVSS6.1AI score0.0168EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/14 12:0 a.m.•33 views

JVN#96052093: ETX-R vulnerable to denial-of-service (DoS)

ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a denial-of-service DoS vulnerability. Impact A remote unauthenticated attacker may cause the web server on the product to be terminated abnormally. Solution Apply a Workaround The following workarounds may mitigate the...

5.3CVSS5.3AI score0.01599EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/02 12:0 a.m.•33 views

JVN#48847535: Trend Micro enterprise products multiple vulnerabilities

Multiple enterprise products provided by Trend Micro Incorporated contain the following vulnerabilities. Directory Traversal - CVE-2016-1223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 4.3 CVSS v2| AV:A/AC:L/Au:N/C:P/I:N/A:N| Base Score:...

6.1CVSS6.3AI score0.04168EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/04/04 12:0 a.m.•33 views

JVN#41875357: ActiveX control for EVA Animator vulnerable to buffer overflow

ActiveX control for EVA Animator provided by Sharp Corporation contains a buffer overflow vulnerability. Impact If a user views a malicious page, arbitrary code may be executed. Solution Remove ActiveX control for EVA Animator The EVA Animator service ended and the related website for its service...

6.8CVSS6.8AI score0.01147EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/02/15 12:0 a.m.•33 views

JVN#71428831: Cybozu Office vulnerable to open redirect

Cybozu Office contains an open redirect vulnerability in network functions. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update to the latest version...

7.4CVSS7.3AI score0.01254EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/01/29 12:0 a.m.•33 views

JVN#12165579: Vine MV vulnerable to cross-site scripting

Vine MV contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected Vine MV prior to commit...

6.1CVSS6AI score0.01417EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/12/17 12:0 a.m.•33 views

JVN#43344629: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability CWE-89 due to a flaw in the processing of searchcolumn and switch parameter in admin.php. Impact An unauthenticated attacker may obtain or alter information stored in the database. Solution Appl...

6.5CVSS6.6AI score0.01579EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/20 12:0 a.m.•33 views

JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting

ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS5.6AI score0.01942EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/26 12:0 a.m.•33 views

JVN#97278546: EC-CUBE vulnerable to cross-site request forgery

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page, arbitrary PHP code may be executed on the server. Solution Update or apply the patch Update to the...

5.1CVSS6.8AI score0.00646EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/30 12:0 a.m.•33 views

JVN#08535069: MATCHA SNS vulnerable to code injection

MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection CWE-94 vulnerability due to a flaw when configuring the database during installation. Impact An unauthenticated attacker who can execute the installer may execute arbitrary PHP code on the server where...

6.8CVSS7.4AI score0.01321EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/30 12:0 a.m.•33 views

JVN#79633796: baserCMS vulnerable to SQL injection

baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability that allows an authenticated user to inject arbitrary SQL statements CWE-89. Impact A logged in attacker may execute arbitrary SQL statements. Solution Update the Software Update to the latest version...

6.5CVSS7.2AI score0.01566EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/16 12:0 a.m.•33 views

JVN#19948778: Photon vulnerable to URL whitelist bypass

Photon provided by Newphoria Corporation Inc. is an application for Android built using "applican". Photon contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Impact Android version of this app may allow an applican API to be executed if th...

6.8CVSS6.4AI score0.01093EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/11 12:0 a.m.•33 views

JVN#41048401: Japan Connected-free Wi-Fi vulnerable to script injection

Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. is vulnerable to script injection when displaying malformed strings contained in SSID. Impact When the device running the app connects to an access point and its SSID contains malicious script, the script may be executed. Solutio...

4.3CVSS6.2AI score0.01184EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/01 12:0 a.m.•33 views

JVN#09283606: desknet's NEO vulnerable to directory traversal

desknet's NEO provided by NEOJAPAN Inc. contains a directory traversal CWE-22 vulnerability where it fails to verify html parameter in zhtml.cgi. Impact An authenticated attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to the...

4CVSS6.2AI score0.01557EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/01 12:0 a.m.•33 views

JVN#81207766: Rakuten card App for iOS fails to verify SSL server certificates

Rakuten card App for iOS provided by Rakuten Card Co., Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided ...

7.4CVSS7AI score0.01026EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/24 12:0 a.m.•33 views

JVN#92828286: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a SQL injection CWE-89 vulnerability due to the processing of changeSort parameter in admin.php. Impact An attacker that can log in to WordPress with this plugin enabled may obtain or alter...

7.5CVSS6.7AI score0.02334EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/06/05 12:0 a.m.•33 views

JVN#98447310: NetFlow Analyzer vulnerable to cross-site scripting

NetFlow Analyzer provided by Zoho Corporation is a traffic analysis tool. NetFlow Analyzer contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software build and apply the patch Update the software to build 10250...

4.3CVSS5.9AI score0.02106EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/04/09 12:0 a.m.•33 views

JVN#12329472: Lhaplus vulnerable to remote code execution

Lhaplus is a file compression/decompression software. Lhaplus contains a remote code execution vulnerability. Impact Decompressing a specially crafted file name may result in an arbitrary code execution. Solution Update the Software Update to the latest version according to the information provid...

6.8CVSS7.5AI score0.02758EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/18 12:0 a.m.•33 views

JVN#97384696: TSUTAYA App for Android vulnerable to arbitrary Java method execution

TSUTAYA App for Android contains a vulnerability where an arbitrary Java method may be executed. Impact When viewing a specially crafted web page, an arbitrary Java method may be executed. Solution Update the software Update to the latest version according to the information provided by the...

6.8CVSS6.5AI score0.02016EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•33 views

JVN#09717399: Piwigo vulnerable to cross-site scripting

Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided by the developer. According to t...

4.3CVSS6.7AI score0.01792EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 12:0 a.m.•34 views

JVN#42511610: acmailer contains a cross-site request forgery vulnerability

Several cgi programs in acmailer contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, information registered in the product may be altered or deleted, or in some cases, the authorization privilege can be stolen. Solution Update the Software...

6.8CVSS6.3AI score0.00924EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/30 12:0 a.m.•33 views

JVN#31230946: Cybozu Garoon API access restriction bypass vulnerability

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability when using APIs. Impact Users who can log in to the system may delete schedule information that they do not have permission to edit. Solution Update the Software Update to the...

6CVSS6.1AI score0.01064EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/03/17 12:0 a.m.•33 views

JVN#38227002: Unzipper vulnerable to directory traversal

Unzipper provided by R-Company contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to...

5.8CVSS6.5AI score0.01496EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/07 12:0 a.m.•33 views

JVN#50943964: phpMyFAQ vulnerable to cross-site request forgery

phpMyFAQ is an open source FAQ software. phpMyFAQ contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, settings may be changed unintentionally. Solution Apply an Update Update to the latest version according to the information provided by t...

6.8CVSS6AI score0.01071EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/29 12:0 a.m.•33 views

JVN#41703192: TOWN (modified version) vulnerable to directory traversal

TOWN modified version provided by Tattyan's HP contains a directory traversal vulnerability. Impact A remote attacker may obtain arbitrary files on the server. Solution Apply an update Update to the latest version according to the information provided by the developer. Products Affected TOWN...

5CVSS6.6AI score0.01854EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/12 12:0 a.m.•33 views

JVN#01094166: Opera vulnerable to cross-site scripting

Opera is a web browser. Opera contains a cross-site scripting vulnerability when the page encoding settings are set to UTF-8. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the...

4.3CVSS5.7AI score0.01788EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/08/19 12:0 a.m.•33 views

JVN#68156832: Yafuoku! contains an issue where it fails to verify SSL server certificates

Yafuoku! provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the informati...

5.8CVSS6.2AI score0.00521EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/07 12:0 a.m.•33 views

JVN#91387819: mora Downloader may insecurely load executable files

mora Downloader contains an issue in the file search path when loading files, which may insecurely load executables or other files. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest version according to t...

10CVSS7.2AI score0.0241EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•33 views

JVN#23328321: Puella Magi Madoka Magica iP for Android vulnerable to information disclosure

Puella Magi Madoka Magica iP for Android has a function to link with a Twitter account. Puella Magi Madoka Magica iP for Android contains an issue where Twitter account credentials entered by a user are saved in a log file in plain text. Impact Android applications with permissions to read system...

4.3CVSS6.2AI score0.01066EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 12:0 a.m.•33 views

JVN#53465692: baserCMS vulnerable to session management

baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an administrator of a baserCMS can access baserCMS instance of the other...

5.1CVSS6.2AI score0.02699EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 12:0 a.m.•33 views

JVN#15503729: OSQA vulnerable to cross-site scripting

OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided the developer. According to the developer, this...

4.3CVSS5.8AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 12:0 a.m.•33 views

JVN#82029095: sp mode mail issue in the verification of SSL certificates

sp mode mail provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. Impact Since no warning is issued when connecting to a server that is using an invalid SSL server certificate, a remote attacker may be able to intercept communications. Solution Update the...

5.8CVSS6.3AI score0.00665EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/05 12:0 a.m.•33 views

JVN#08871006: ES File Explorer fails to restrict access permissions

ES File Explorer provided by EStrongs Inc. is a file and application manager. ES File Explorer contains an issue where access permissions are not restricted. Impact When using a specific function, a remote attacker may obtain local files that the application has permissions to view. Solution Upda...

4.3CVSS6.3AI score0.01054EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/01/11 12:0 a.m.•33 views

JVN#78901873: Wibu-Systems CodeMeter Runtime vulnerable to denial-of-service

CodeMeter Runtime provided by Wibu-Systems AG contains an issue when processing TCP packets, which may lead to a denial-of-service DoS. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the software Update to the latest version according to the information...

5CVSS6.1AI score0.05107EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 12:0 a.m.•33 views

JVN#50227837: Touhou Hisouten vulnerable to denial-of-service

Touhou Hisouten from Twilight Frontier is a video game which has an online match mode. Touhou Hisouten contains an issue when processing network traffic, which may result in a denial-of-service DoS. Impact A remote attacker may cause an unexpected application termination. Solution Apply a patch...

5CVSS6.4AI score0.01409EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/13 12:0 a.m.•33 views

JVN#04013920: Pligg vulnerable to cross-site scripting

Pligg is a Content Management System CMS. Pligg contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products Affected...

4.3CVSS5.7AI score0.0098EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/26 12:0 a.m.•33 views

JVN#29529126: Samba Web Administration Tool vulnerable to cross-site request forgery

Samba Web Administration Tool SWAT allows for Samba configuration through a web interface. SWAT contains a cross-site request forgery vulnerability. SWAT is disabled in a default configuration of Samba. Impact When a user is logged in to SWAT as root, an attacker may change configurations in Samb...

6.8CVSS5.1AI score0.10046EPSS
Exploits6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/25 12:0 a.m.•33 views

JVN#47124169: Oracle iPlanet Web Server information disclosure vulnerability

Oracle iPlanet Web Server formerly Sun Java System Web Server is a web server. Oracle iPlanet Web Server contains an information disclosure vulnerability. Impact A remote attacker may obtain source code. Solution Update the software Update to the latest version according to information provided b...

5CVSS5.9AI score0.02521EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/15 12:0 a.m.•33 views

JVN#86220950: Google Search Appliance vulnerable to cross-site scripting

Google Search Appliance from Google is a product that provides searching services for an intranet service or a website. Google Search Appliance contains a cross-site scripting vulnerability. Impact An arbitrary script may executed on the user's web browser. Solution Update the software Update to...

4.3CVSS6AI score0.00489EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/17 12:0 a.m.•33 views

JVN#99175647: Virus Buster 2009 key input encryption function vulnerability

The key input encryption function in Virus Buster 2009 contains a vulnerability where a portion of password that is entered in the web browser is not properly encrypted. Impact When input information is stolen by a key logger, portions of the information may be leaked in plaintext. Solution Updat...

2.1CVSS6.3AI score0.0023EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/09 12:0 a.m.•33 views

JVN#48425028: Flash Player access restriction bypass vulnerability

When Flash Player references a different website than the site where Flash contents are hosted, the referenced site must be allowed access by the cross-domain policy file. Flash Player contains a vulnerability where access restrictions set by the cross-domain policy file may be bypassed. Impact...

9.3CVSS8.1AI score0.05256EPSS
Exploits0
Total number of security vulnerabilities5000