CVE-2018-7055
GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter.
7.5CVSS
7.5AI Score
0.006EPSS
CVE-2018-7056
RoomWizard before 4.4.x allows remote attackers to obtain potentially sensitive information about IP addresses via /getGroupTimeLineJSON.action.
5.3CVSS
5.1AI Score
0.003EPSS
CVE-2018-7057
RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName parameter.
6.1CVSS
5.9AI Score
0.001EPSS