Lucene search
+L
Carson-saintSaint Security Suite

4 matches found

cve
cve
added 2020/08/10 10:55 p.m.57 views

CVE-2020-16276

CVE-2020-16276 describes an SQL injection in the Assets component of SAINT Security Suite versions 8.0 through 9.8.20 . The vulnerability allows a remote, authenticated attacker to gain unauthorized access to the database, as stated in multiple sources. The provided documents do not include expli...

8.8CVSS8.8AI score0.0118EPSS
cve
cve
added 2020/08/10 10:55 p.m.52 views

CVE-2020-16278

SAINT Security Suite, versions 8.0–9.8.20, contains a cross-site scripting (XSS) vulnerability in the Permissions component that could allow arbitrary script execution in a logged-in user’s context when a user clicks a specially crafted link. The root cause, per CNVD, is a lack of proper validati...

6.1CVSS5.9AI score0.00641EPSS
cve
cve
added 2020/08/10 10:55 p.m.44 views

CVE-2020-16277

The CVE-2020-16277 entry describes an SQL injection in the Analytics component of SAINT Security Suite versions 8.0–9.8.20. The vulnerability allows a remote, authenticated attacker to gain unauthorized access to the database, indicating a database-level impact (CPI, IPI, API) as noted in the CVS...

8.8CVSS8.8AI score0.0118EPSS
cve
cve
added 2020/08/10 10:55 p.m.43 views

CVE-2020-16275

SAINT Security Suite CVE-2020-16275 is a cross-site scripting (XSS) vulnerability in the Credential Manager component affecting SAINT Security Suite 8.0 through 9.8.20. The issue allows arbitrary script execution in the context of a logged-in user when a user clicks on a specially crafted link. T...

6.1CVSS5.9AI score0.00641EPSS