4 matches found
CVE-2020-16276
CVE-2020-16276 describes an SQL injection in the Assets component of SAINT Security Suite versions 8.0 through 9.8.20 . The vulnerability allows a remote, authenticated attacker to gain unauthorized access to the database, as stated in multiple sources. The provided documents do not include expli...
CVE-2020-16278
SAINT Security Suite, versions 8.0–9.8.20, contains a cross-site scripting (XSS) vulnerability in the Permissions component that could allow arbitrary script execution in a logged-in user’s context when a user clicks a specially crafted link. The root cause, per CNVD, is a lack of proper validati...
CVE-2020-16277
The CVE-2020-16277 entry describes an SQL injection in the Analytics component of SAINT Security Suite versions 8.0–9.8.20. The vulnerability allows a remote, authenticated attacker to gain unauthorized access to the database, indicating a database-level impact (CPI, IPI, API) as noted in the CVS...
CVE-2020-16275
SAINT Security Suite CVE-2020-16275 is a cross-site scripting (XSS) vulnerability in the Credential Manager component affecting SAINT Security Suite 8.0 through 9.8.20. The issue allows arbitrary script execution in the context of a logged-in user when a user clicks on a specially crafted link. T...