Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/07 12:0 a.m.•22 views

JVN#18397171: FeedDemon vulnerable to arbitrary script execution

FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information when using the "feed preview" option. Impact An arbitrary script embedded in an RSS/Atom feed may be executed on the user's...

2.6CVSS6.3AI score0.01803EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/06 3:39 a.m.•3 views

SEIL series fail to restrict access permissions

Overview SEIL series contain an issue where access permissions are not restricted. SEIL series are wireless LAN routers. SEIL series contain an issue where access permissions are not restricted. Impact An attacker that can access the product's HTTP proxy may bypass restrictions such as the URL...

5CVSS6.9AI score0.01211EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/06 3:29 a.m.•6 views

WordPress plugin WassUp vulnerable to cross-site scripting

Overview The WordPress plugin WassUp contains a cross-site scripting vulnerability. WassUp is a WordPress plugin that tracks visitors to the blog. WassUp contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5CVSS6AI score0.0212EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/06 12:0 a.m.•37 views

JVN#24646833: SEIL series fail to restrict access permissions

SEIL series are wireless LAN routers. SEIL series contain an issue where access permissions are not restricted. Impact An attacker that can access the product's HTTP proxy may bypass restrictions such as the URL filter. Solution Update the Software Update to the latest version of the firmware...

2.6CVSS6.6AI score0.01211EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/06 12:0 a.m.•42 views

JVN#15646988: WordPress plugin WassUp vulnerable to cross-site scripting

WassUp is a WordPress plugin that tracks visitors to the blog. WassUp contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the...

4.3CVSS6AI score0.0212EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/05 5:4 a.m.•3 views

@WEB ShoppingCart vulnerable to cross-site scripting

Overview @WEB ShoppingCart contains a cross-site scripting vulnerability. @WEB ShoppingCart provided by WEBLOGIC CORPORATION. is a system for creating shopping websites. @WEB ShoppingCart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Labo.,Inc reported this...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/05 12:0 a.m.•26 views

JVN#78305073: @WEB ShoppingCart vulnerable to cross-site scripting

@WEB ShoppingCart provided by WEBLOGIC CORPORATION. is a system for creating shopping websites. @WEB ShoppingCart contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the appropriate patch according to th...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 5:9 a.m.•5 views

Puella Magi Madoka Magica iP for Android vulnerable to information disclosure

Overview Puella Magi Madoka Magica iP for Android contains an information disclosure vulnerability. Puella Magi Madoka Magica iP for Android has a function to link with a Twitter account. Puella Magi Madoka Magica iP for Android contains an issue where Twitter account credentials entered by a use...

4.3CVSS6.3AI score0.01066EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 5:6 a.m.•5 views

Segue vulnerable to SQL injection

Overview Segue contains a SQL injection vulnerability. Segue is a content management system. Segue contains a SQL injection vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.9AI score0.02341EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 5:3 a.m.•5 views

Segue vulnerable to cross-site scripting

Overview Segue contains a cross-site scripting vulnerability. Segue is a content management system. Segue contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

4.3CVSS6AI score0.01404EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•30 views

JVN#97995841: Segue vulnerable to SQL injection

Segue is a content management system. Segue contains a SQL injection vulnerability. Impact A remote, unauthenticated attacker may bypass authentication and login as an administrator. Solution Do not use Segue Segue services will no longer be available after August 31, 2012. Refer to the informati...

7.5CVSS7.5AI score0.02341EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•32 views

JVN#29083866: Segue vulnerable to cross-site scripting

Segue is a content management system. Segue contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Segue Segue services will no longer be available after August 31, 2012. Refer to the information provided by the...

4.3CVSS5.9AI score0.01404EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•33 views

JVN#23328321: Puella Magi Madoka Magica iP for Android vulnerable to information disclosure

Puella Magi Madoka Magica iP for Android has a function to link with a Twitter account. Puella Magi Madoka Magica iP for Android contains an issue where Twitter account credentials entered by a user are saved in a log file in plain text. Impact Android applications with permissions to read system...

4.3CVSS6.2AI score0.01066EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:50 a.m.•3 views

Logitec LAN-W300N/R series fails to restrict access permissions

Overview Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. The LAN-W300N/R series are wireless LAN routers. Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. Jin Sawada, Keisuke Okazaki, Naoto Katsumi of Security...

10CVSS6.5AI score0.05867EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:43 a.m.•5 views

Roundcube Webmail vulnerable to cross-site scripting

Overview Roundcube webmail contains a cross-site scripting vulnerability. Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site scripting vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...

4.3CVSS6AI score0.01812EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:40 a.m.•5 views

Opera fails to verify SSL server certificates

Overview Opera contains an issue where it fails to verify SSL server certificates. Opera is a web browser. Opera contains an issue where it fails to verify SSL server certificates. Impact The user may unknowingly connect to a site that is using a certificate not authorized by a CA. As a result, t...

5.8CVSS6.5AI score0.00601EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:37 a.m.•5 views

RSSOwl vulnerable to arbitrary script execution

Overview RSSOwl is vulnerable to arbitrary script execution. RSSOwl is an RSS/Atom feed reader. RSSOwl is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Daiki Fukumori of Cyber Defense Institute, Inc. reported this...

4.3CVSS6.9AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:34 a.m.•4 views

Sybase EAServer vulnerable to cross-site scripting

Overview EAServer contains a cross-site scripting vulnerability. EAServer provided by Sybase is an application server. EAServer contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 12:0 a.m.•19 views

JVN#47662377: Sybase EAServer vulnerable to cross-site scripting

EAServer provided by Sybase is an application server. EAServer contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...

6.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 12:0 a.m.•36 views

JVN#39707339: Opera fails to verify SSL server certificates

Opera is a web browser. Opera contains an issue where it fails to verify SSL server certificates. Impact The user may unknowingly connect to a site that is using a certificate not authorized by a CA. As a result, the user may become a victim of phishing. Solution Update the software Update to the...

5.8CVSS5.8AI score0.00601EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 12:0 a.m.•48 views

JVN#21422837: Roundcube Webmail vulnerable to cross-site scripting

Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's Internet Explorer when viewing a specially crafted image file. Solution Update the...

2.6CVSS5.5AI score0.01812EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 12:0 a.m.•34 views

JVN#77947437: RSSOwl vulnerable to arbitrary script execution

RSSOwl is an RSS/Atom feed reader. RSSOwl is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

4.3CVSS6.3AI score0.00931EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 12:0 a.m.•37 views

JVN#85934986: Logitec LAN-W300N/R series fails to restrict access permissions

The LAN-W300N/R series are wireless LAN routers. Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. Impact An attacker that can access the product may log in with administrative privileges. As a result, settings may be changed or altered by the attacker who...

10CVSS6.2AI score0.05867EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/21 4:56 a.m.•3 views

iLunascape for Android vulnerable in the WebView class

Overview iLunascape for Android contains a vulnerability in the WebView class. iLunascape for Android is a web browser for Android devices. iLunascape for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

5CVSS6.5AI score0.01513EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/21 12:0 a.m.•37 views

JVN#86044443: iLunascape for Android vulnerable in the WebView class

iLunascape for Android is a web browser for Android devices. iLunascape for Android contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the...

5CVSS6.2AI score0.01513EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/17 4:55 a.m.•7 views

Drupal Form API fails to validate the redirect URL

Overview Drupal's Form API fails to validate the redirect URL, which may lead to unintended information disclosure. Drupal is a content management system CMS. Drupal's Form API fails to validate the redirect URL, which may lead to unintended information disclosure. Katsuhiko Nakanishi from NEC...

5.8CVSS6.7AI score0.01378EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/17 12:0 a.m.•54 views

JVN#45898075: Drupal Form API fails to validate the redirect URL

Drupal is a content management system CMS. Drupal's Form API fails to validate the redirect URL, which may lead to unintended information disclosure. Impact A remote attacker may change the redirect URL of a form. As a result, information such as authentication credentials may be disclosed...

5.8CVSS6.1AI score0.01378EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:56 a.m.•4 views

baserCMS vulnerable to session management

Overview baserCMS contains a vulnerability in session management. baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an...

5.1CVSS6.7AI score0.02699EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:53 a.m.•2 views

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability when using Microsoft IE's CSS expressions, which may result in cross-site scripting. Isayama Takayoshi ...

4.3CVSS5.8AI score0.01783EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:44 a.m.•4 views

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability in handling cookies, which may result in cross-site scripting. ISHIBASHI,Tsuyoshi of Mitsui Bussan Secu...

4.3CVSS5.8AI score0.01792EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 6:14 a.m.•4 views

Arbitrary Code Execution Vulnerability in Hitachi COBOL GUI Option on Windows

Overview Hitachi COBOL GUI Option on Windows contains a vulnerability where arbitrary code may be executed. This problem does not occur when only the following runtime products are solely used. COBOL GUI Option Run Time System Version 6 COBOL GUI Option Server Run Time System Version 6 COBOL GUI...

10CVSS7.7AI score0.0347EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 12:0 a.m.•32 views

JVN#63941302: WEB MART from KENT-WEB vulnerable to cross-site scripting

WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability when using Microsoft IE's CSS expressions, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Updat...

2.6CVSS6.2AI score0.01783EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 12:0 a.m.•33 views

JVN#53465692: baserCMS vulnerable to session management

baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an administrator of a baserCMS can access baserCMS instance of the other...

5.1CVSS6.2AI score0.02699EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 12:0 a.m.•36 views

JVN#47536971: WEB MART from KENT-WEB vulnerable to cross-site scripting

WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability in handling cookies, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versio...

4.3CVSS6.3AI score0.01792EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 5:21 a.m.•5 views

sp mode mail issue in the verification of SSL certificates

Overview sp mode mail contains an issue in the verification of the SSL server certificate. sp mode mail provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. Tsukasa Hamano of Open Source Solution Technology Corporation reported this vulnerability to IPA...

5.8CVSS6.7AI score0.00665EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 5:15 a.m.•4 views

OSQA vulnerable to cross-site scripting

Overview OSQA The Open Source Q system contains a cross-site scripting vulnerability. OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Kousuke Ebihara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

4.3CVSS6AI score0.01161EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 12:0 a.m.•33 views

JVN#15503729: OSQA vulnerable to cross-site scripting

OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided the developer. According to the developer, this...

4.3CVSS5.8AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/26 12:0 a.m.•33 views

JVN#82029095: sp mode mail issue in the verification of SSL certificates

sp mode mail provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. Impact Since no warning is issued when connecting to a server that is using an invalid SSL server certificate, a remote attacker may be able to intercept communications. Solution Update the...

5.8CVSS6.3AI score0.00665EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 4:37 a.m.•5 views

Multiple JustSystems products vulnerable to buffer overflow

Overview Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability. Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files. Tielei Wang of Georgia Tech Information Security Center...

9.3CVSS7.6AI score0.04227EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 4:36 a.m.•4 views

Multiple JustSystems products may insecurely load dynamic libraries

Overview Multiple JustSystems products may use unsafe methods for determining how to load DLL's. Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Naoto Katsumi of LAC Co., Ltd. reported this vulnerability to IPA...

6.9CVSS6.9AI score0.00405EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 12:0 a.m.•38 views

JVN#95378720: Multiple JustSystems products may insecurely load dynamic libraries

Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Update the software Apply the appropriate update according to the...

6.9CVSS6.5AI score0.00405EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 12:0 a.m.•38 views

JVN#09619876: Multiple JustSystems products vulnerable to buffer overflow

Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files. Impact If this vulnerability is exploited, a system may be crashed or arbitrary code may be executed. Solution Update the Software Apply the appropriate update...

9.3CVSS7.2AI score0.04227EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/20 3:21 a.m.•6 views

TwitRocker2 (Android version) vulnerable in the WebView class

Overview TwitRocker2 Android version contains a vulnerability in the WebView class. TwitRocker2 is a client software for using twitter. TwitRocker2 Android version contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

5CVSS6.5AI score0.01563EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/20 12:0 a.m.•36 views

JVN#00000601: TwitRocker2 (Android version) vulnerable in the WebView class

TwitRocker2 is a client software for using twitter. TwitRocker2 Android version contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the...

5CVSS6.2AI score0.01563EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 5:8 a.m.•8 views

ActiveScriptRuby vulnerable to arbitrary Ruby script execution

Overview ActiveScriptRuby contains a vulnerability where an arbitrary Ruby script may be executed on a web browser that can execute ActiveX controls when HTML is displayed. ActiveScriptRuby is a software to implement Ruby into a Windows environment. ActiveScriptRuby contains a vulnerability where...

7.5CVSS7AI score0.01688EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 5:3 a.m.•3 views

Dokodemo Rikunabi 2013 vulnerable to cross-site scripting

Overview Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Dokodemo Rikunabi 2013 is an extension for Google Chrome. Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences,Tohoku University reported this...

5.8CVSS6.1AI score0.01968EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 12:0 a.m.•38 views

JVN#33283707: ActiveScriptRuby vulnerable to arbitrary Ruby script execution

ActiveScriptRuby is a software to implement Ruby into a Windows environment. ActiveScriptRuby contains a vulnerability where an arbitrary Ruby script may be executed on the web browser that can execute ActiveX controls when HTML is displayed. Impact A remote attacker may be able to obtain...

7.5CVSS6.5AI score0.01688EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 12:0 a.m.•37 views

JVN#90055996: Dokodemo Rikunabi 2013 vulnerable to cross-site scripting

Dokodemo Rikunabi 2013 is an extension for Google Chrome. Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on user's Google Chrome. Solution Update the software Update to the latest version according to the information provided by th...

4.3CVSS5.9AI score0.01968EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/11 2:45 a.m.•4 views

Vulnerability in Fujitsu Interstage List Works Where Permissions Cannot Be Denied

Overview Fujitsu Interstage List Works has a vulnerability where, when Everyone or a group is granted permissions to access the archive folder and data through the management tool or command line, denying permissions for a specific user who belongs to these groups fails and is not reflected on th...

3.6CVSS6.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/05 7:41 a.m.•5 views

SENCHA SNS vulnerable to session fixation

Overview SENCHA SNS contains a session fixation vulnerability. SENCHA SNS is an open source SNS software. SENCHA SNS contains a session fixation vulnerability. Hiroshi Tokumaru of HASH Consulting Corp. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.7AI score0.0118EPSS
Exploits0References6
Total number of security vulnerabilities5625