Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/11/17 12:0 a.m.25 views

JVN#61543834 EC-CUBE cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution Products Affected EC-CUBE v1.0.0 and earlier For more information, refer to the vendor's website...

6.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/09/18 12:0 a.m.24 views

JVN#42386607: Assimp vulnerable to heap-based buffer overflow

PlyLoader.cpp of Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability CWE-122. Impact An attacker may execute arbitrary code by importing a specially crafted file into the product. Solution Update the Software Update the software to the latest version...

8.4CVSS8.7AI score0.00273EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/05/29 12:0 a.m.24 views

JVN#22182715: Redmine DMSF Plugin vulnerable to path traversal

Redmine DMSF Plugin provided by Kontron contains a path traversal vulnerability CWE-22. Impact When the affected version of the plugin is enabled on the Redmine instance, the logged-in user may obtain or delete arbitrary files on the server within the privilege of the Redmine process. Solution...

8.1CVSS8.1AI score0.00497EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/03/15 12:0 a.m.24 views

JVN#70640802: "ABEMA" App for Android fails to restrict access permissions

"ABEMA" App for Android provided by AbemaTV, Inc. fails to restrict access permissions CWE-926 that allows another app installed on the user's device to access an arbitrary URL on "ABEMA" App via Intent. Impact An arbitrary website may be displayed on the app, and as a result, the user may become...

3.3CVSS6.3AI score0.00176EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/02/29 12:0 a.m.24 views

JVN#35928117: Protection mechanism failure in RevoWorks

RevoWorks SCVX and RevoWorks Browser provided by J's Communication Co., Ltd. enable users to execute web browsers in the sandboxed environment isolated from the client's local environment. In the products, file exchange between the sandboxed environment and local environment is prohibited in...

9.1CVSS9.2AI score0.00485EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/01/23 12:0 a.m.24 views

JVN#77736613: Improper restriction of XML external entity references (XXE) in MLIT "Electronic Delivery Check System" and "Electronic delivery item Inspection Support System"

"Electronic Delivery Check System" and "Electronic delivery item Inspection Support System" provided by Ministry of Land, Infrastructure, Transport and Tourism, Japan improperly restricts XML external entity references XXE CWE-611. Impact Processing a specially crafted XML file may lead to exposu...

5.5CVSS5.4AI score0.00233EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/07/24 12:0 a.m.24 views

JVN#37857022: Improper restriction of XML external entity references (XXE) in Applicant Programme

Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker. Solution Update the Software Update the software to the latest...

5.5CVSS5.4AI score0.00195EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/04/24 12:0 a.m.24 views

JVN#00971105: WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting

WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" provided by TMS contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in the WordPress where the product is installed. Solution...

6.1CVSS6.1AI score0.00508EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/12/13 12:0 a.m.24 views

JVN#60211811: Redmine vulnerable to cross-site scripting

Redmine contains a cross-site scripting vulnerability CWE-79 caused by improper Textile processing. Impact An arbitrary script may be executed on the web browser of the user using the product. Solution Update the Software Update the software to the latest version according to the information...

6.1CVSS6AI score0.00429EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/08/29 12:0 a.m.24 views

JVN#44721267: Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries

Installer of Device Software Manager provided by RICOH COMPANY, LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the lates...

7.8CVSS7.8AI score0.0021EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/01/20 12:0 a.m.24 views

JVN#16690037: Multiple cross-site scripting vulnerabilities in php_mailform

phpmailform provided by econosys system contains multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability regarding the checkbox CWE-79 - CVE-2022-22142 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base...

6.1CVSS6.5AI score0.00955EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/12/13 12:0 a.m.24 views

JVN#78980598: Apache ActiveMQ vulnerable to cross-site scripting

Apache ActiveMQ provided by the Apache Software Foundation is a middleware that implements Java Message Service. Apache ActiveMQ contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update t...

6.1CVSS6.1AI score0.06093EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/29 12:0 a.m.24 views

JVN#72559412: ManageEngine ServiceDesk Plus uses an insecure method for cookie generation

ManageEngine ServiceDesk Plus provided by Zoho Corporation is a help desk software. ManageEngine ServiceDesk Plus uses an insecure method for generating cookies. Impact If an attacker obtains a user's cookie, the password contained in the cookie can be easily guessed. Solution Update the software...

5.3CVSS5.2AI score0.03456EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/22 12:0 a.m.24 views

JVN#24409899: CG-WLBARAGM vulnerable to denial-of-service (DoS)

CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains a denial-of-service DoS vulnerability. Impact An unauthenticated remote attacker may cause the product to reboot. Solution Apply a Workaround The following workarounds may mitigate the affects of this vulnerability...

7.8CVSS7.6AI score0.01939EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/12 12:0 a.m.24 views

JVN#25674893: WN-GDN/R3 Series does not limit authentication attempts

WN-GDN/R3 series provided by I-O DATA DEVICE, INC. is a wireless LAN router. WPS functionality in WN-GDN/R3 Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Impact An unauthenticated attacker within wireless range of the device may perform a brute...

4.3CVSS4.8AI score0.00632EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/09 12:0 a.m.24 views

JVN#89965717: WL-330NUL vulnerable to cross-site scripting

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a stored cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Update the firmware to the latest version according to the...

6.1CVSS6AI score0.01009EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 12:0 a.m.24 views

JVN#34780384: Kirby vulnerable to arbitrary file creation

Kirby is a content management system CMS. Kirby contains a vulnerability that may allow a remote attacker to create arbitrary files. Impact An arbitrary file created by a logged in attacker may result in arbitrary PHP code being executed on the server. Solution Update the Software Update to the...

6.5CVSS6.8AI score0.01255EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/07/24 12:0 a.m.24 views

JVN#58020495: Research Artisan Lite vulnerable to cross-site scripting

Research Artisan Lite provided by Research Artisan Project is an access analysis tool. Research Artisan Lite contains multiple cross-site scripting vulnerabilities CWE-79. Impact There are two attack scenarios. 1. If a user views a malicious web page, an arbitrary script may be executed on the...

4.3CVSS6AI score0.01171EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/05/01 12:0 a.m.24 views

JVN#67520407: EasyCTF vulnerable to arbitrary file creation

EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a vulnerability that may allow a remote attacker to create arbitrary files CWE-22. Impact An arbitrary file created by an attacker may result in arbitrary code being executed on the server. Solution Update the...

6.5CVSS6.9AI score0.01255EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/04/07 12:0 a.m.24 views

JVN#71903938: bBlog vulnerable to cross-site request forgery

bBlog is weblog software. bBlog contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Do not use bBlog bBlog is no longer being developed or maintained. It is recommended to stop using...

6.8CVSS6.5AI score0.00992EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/03/26 12:0 a.m.24 views

JVN#97281747: WordPress theme flashy vulnerable to cross-site scripting

flashy is a theme for WordPress. flashy contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use flashy flashy is no longer being developed or maintained. It is recommended to stop using flashy. Products Affected flas...

4.3CVSS6AI score0.01973EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/02/20 12:0 a.m.24 views

JVN#77294617: AL-Mail32 vulnerable to directory traversal

AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a directory traversal vulnerability due to a flaw in processing attachments. Impact Processing an attachment with a specially crafted file name may result in creation of an arbitrary file or an overwrite of...

5.8CVSS6.4AI score0.01569EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/09/19 12:0 a.m.24 views

JVN#61637002: Dotclear vulnerable to cross-site scripting

Dotclear is a weblog software. Dotclear contains a cross-site scripting vulnerability. Impact If a user views a crafted page while logged in, an arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the infomration...

4.3CVSS6AI score0.01187EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/20 12:0 a.m.24 views

JVN#92737498: Usermin vulnerable to cross-site scripting

Usermin is a web-based interface used to manage webmail. Usermin contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser who is logged into Usermin. Solution Update the software Update to the latest version according to the information...

4.3CVSS5.8AI score0.01351EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/04/14 12:0 a.m.24 views

JVN#55438786: Content Provider in CamiApp for Android fails to restrict access permissions

The Content Provider in CamiApp for Android provided by KOKUYO S&T Co.,Ltd. contains an issue where access permissions are not restricted. Impact If a user of the affected product uses another malicious Android application, information stored in the database may be obtained or altered. Solution...

5.8CVSS6.1AI score0.01083EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/02/26 12:0 a.m.24 views

JVN#02017463: Norman Security Suite vulnerable to privilege escalation

Norman Security Suite is an anti-virus software. Norman Security Suite contains a privilege escalation vulnerability. Impact An attacker with access to the target machine may obtain escalated privileges and execute arbitrary code. Solution Apply an Update Apply the update according to the...

7.2CVSS7.1AI score0.00802EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/05/31 12:0 a.m.24 views

JVN#07354844: Safari information disclosure vulnerability

Safari contains an information disclosure vulnerability caused the by the improper handling of XML files. Impact When opening a specially crafted XML file as a local file, the contents of another local file may be disclosed. Solution Update the software Update to the latest version according to t...

6.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/12/26 12:0 a.m.24 views

JVN#40498018: WordPress vulnerable to arbitrary PHP code execution

WordPress provided by WordPress.Org is a weblog system. WordPress contains a vulnerability where arbitrary PHP code may be executed. Impact Arbitrary PHP code may be executed with the privilege of the application on the server where it resides. Solution Update the software Update to the latest...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/11/21 12:0 a.m.24 views

JVN#80081509: Nikki vulnerable to directory traversal

Nikki from HP no Mawashimono is CGI software for posting diary entries. Nikki contains a directory traversal vulnerability. Impact A remote attacker may access or view arbitrary files on the server. Solution Update the software Update to the latest version according to the information provided by...

7.5CVSS6.6AI score0.0174EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/05/11 12:0 a.m.24 views

JVN#96839637: La Fonera+ vulnerable to denial-of-service (DoS)

La Fonera+ provided by FON is a wireless LAN router. La Fonera+ contains a denial-of-service DoS vulnerability. Impact An attacker who can communicate with La Fonera+ directly may cause a denial-of-service DoS. Solution Update the firmware Update to the latest firmware version according to the...

6.1CVSS6.2AI score0.00795EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/03/02 12:0 a.m.24 views

JVN#20982938: Multiple Things CGI products vulnerable to cross-site scripting

BBS and BBS Thread provided by Things are bulletin board software. BBS and BBS Thread contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided...

4.3CVSS5.9AI score0.01263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/11/04 12:0 a.m.24 views

JVN#19173793: Ichitaro series vulnerable to arbitrary code execution

The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. Impact When opening a specially crafted file locally or through a website, an attacker may be able to execute arbitrary code. Solution Update the Software...

9.3CVSS6.9AI score0.06065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/10/12 12:0 a.m.24 views

JVN#82752978: Lhaplus may insecurely load dynamic libraries

Lhaplus is a file compression/extraction software supporting multiple file formats. Lhaplus loads certain DLL's when files are extracted. Lhaplus contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with...

6.9CVSS7.2AI score0.00295EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/03/05 12:0 a.m.24 views

JVN#06874657 OpenPNE authentication bypass vulnerability

OpenPNE is an open source SNS Social Networking Service software. OpenPNE provides an "IP address range limitation" function to provide access to certain pages only to mobile devices. OpenPNE has an issue with the IP address range limitation function that may lead to an authentication bypass...

5.8CVSS6.4AI score0.01074EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/11/19 12:0 a.m.24 views

JVN#01245481 Redmine vulnerable to cross-site scripting

Redmine is a project management software. Redmine contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, cookie information may be leaked and could lead to session hijacking or user impersonation. Solution Update the...

4.3CVSS5.8AI score0.01523EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/03/10 12:0 a.m.24 views

JVN#84899898 MP Form Mail CGI vulnerability allows third party to gain administrative privileges

MP Form Mail CGI from futomi's CGI Cafe is a software for sending contents entered into an HTML form via email. MP Form Mail CGI contains a vulnerability that allows an attacker to gain administrative privileges. Impact A remote attacker could impersonate an administrator of MP Form Mail CGI...

7.5CVSS6.4AI score0.017EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/02/23 12:0 a.m.24 views

JVN#16767117 Buffer overflow vulnerability in ActiveX Control for Sony SNC series network cameras

The ActiveX Control for Sony SNC series network cameras is a software to monitor images over the network using a web browser. This ActiveX Control contains a heap-based buffer overflow vulnerability triggered by the improper processing of some configuration variables. Impact A remote attacker cou...

10CVSS7.4AI score0.16067EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/17 12:0 a.m.24 views

JVN#67334580 hisa_cart information disclosure vulnerability

hisacart from Hisanaga Electric Co.Ltd is a shopping cart module for XOOPS. hisacart contains a vulnerability allowing the disclosure of users' information. Impact A remote attacker could obtain information of registered users. Solution Update the Software An update is being distributed to...

5CVSS6.2AI score0.01442EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/08/26 12:0 a.m.24 views

JVN#27417220 mysql-lists from AquaGardenSoft Co.,Ltd. vulnerable to cross-site scripting

mysql-lists from AquaGardenSoft Co.,Ltd. is software to show MySQL data on the web browser. mysql-lists contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the vendor...

4.3CVSS6AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/07/31 12:0 a.m.24 views

JVN#33706820 Multiple Panasonic Communications Co., Ltd. network cameras vulnerable to cross-site scripting

Panasonic Communications Co., Ltd. network camera BL-C111/131 and BB-HCM511/531/580/581/527/515 error pages contain a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the user's web browser. Solution Update the Software Apply the latest updates provided by the...

4.3CVSS6AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/03/16 12:0 a.m.24 views

JVN#19795972: FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability

Impact The third party could view the contents of self-decoding files and obtain the passwords used for the encryption of the files. Solution Products Affected All version levels of FENCE-Pro excluding V5 V5L01 Systemwalker Desktop Encryption: V12.0L10, V12.0L10A, V12.0L10B, V12.0L20, V13.0.0 For...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/04/21 12:0 a.m.24 views

JVN#74294680 Winny buffer overflow vulnerability

Impact If a remote attacker sends a malicious packet, Winny will crash. It is publicly reported that arbitrary code may be executed with the privilege running Winny. Solution Products Affected Winny 2.0 b7.1 and earlier As of May 25, 2006, exploit information is publicly available. Currently we a...

7.5CVSS6.7AI score0.0469EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/12/05 12:0 a.m.24 views

JVN#67001206 Multiple vulnerabilities in FreeStyleWiki including cross-site scripting

Impact A malicious script may be executed on the user's web browser. Furthermore, a combination of the vulnerabilities can be exploited to create a new user with administrative privileges when a FreeStyleWiki administrator logs into it with administrative privileges and views a Wiki page which is...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/13 6:41 a.m.23 views

GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow

Overview GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability. Stack-based buffer overflow in pop3wallpasswd command CWE-121 - CVE-2026-32661 This can be exploited only when the product is configured to run pop3wallpasswd with grdnwww user privilege T...

9.8CVSS7.5AI score0.00472EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/25 12:0 a.m.23 views

JVN#82536398: Multiple vulnerabilities in Quick Agent

Quick Agent provided by SIOS Technology, Inc. is a Windows application for the following Ricoh MFPs' multifunction printers scan solutions. Quick Scan Easy FAX Speedoc Smart eco FAX Quick Agent contains multiple vulnerabilities listed below. Path traversal vulnerability in the file upload functio...

9.2CVSS7.6AI score0.00777EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/26 12:0 a.m.23 views

JVN#39026557: Multiple vulnerabilities in PowerCMS

PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities listed below. Injection CWE-74 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2025-29993 The product improperly processes HTTP headers. Dependency on vulnerable third-party component CWE-1395 jQuery Validation...

7.5CVSS7.2AI score0.03532EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/03/29 12:0 a.m.23 views

JVN#23528780: "Yahoo! JAPAN" App vulnerable to cross-site scripting

"Yahoo! JAPAN" App provided by LY Corporation contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the WebView of "Yahoo! JAPAN" App via other app installed on the user's device. Solution Update the application Update the application to the latest...

6.1CVSS5.6AI score0.00314EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/12/13 12:0 a.m.23 views

JVN#18715935: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

6.5CVSS6AI score0.0045EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/08/07 12:0 a.m.23 views

JVN#42527152: "FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly

"FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly CWE-703. When the product's Windows Defender management feature is enabled, and Microsoft Defender detects some files matching specific conditions as a threat, the...

3.3CVSS3.8AI score0.00285EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/31 12:0 a.m.23 views

JVN#62111727: Pleasanter vulnerable to cross-site scripting

Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the software or apply the patch Update the software to the latest version according to the information provided by...

5.4CVSS5.5AI score0.00671EPSS
Exploits1
Total number of security vulnerabilities5000