Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheAllura

2 matches found

CVE
CVEadded 2019/06/19 12:15 a.m.100 views

CVE-2019-10085

In Apache Allura prior to 1.11.0, a vulnerability exists for stored XSS on the user dropdown selector when creating or editing tickets. The XSS executes when a user engages with that dropdown on that page.

6.1CVSS5.9AI score0.01862EPSS
CVE
CVEadded 2018/03/15 8:29 p.m.40 views

CVE-2018-1319

In Apache Allura prior to 1.8.1, attackers may craft URLs that cause HTTP response splitting. If a victim goes to a maliciously crafted URL, unwanted results may occur including XSS or service denial for the victim's browsing session.

6.1CVSS6.2AI score0.00752EPSS