Lucene search
K
CiscoRegistered Envelope Service

7 matches found

CVE
CVE
added 2019/04/18 12:25 a.m.56 views

CVE-2019-1777

CVE-2019-1777 concerns the Cisco Registered Envelope Service web interface, where insufficient input validation enables an authenticated, remote attacker to perform a cross-site scripting (XSS) attack on another user. Exploitation involves sending a malicious payload via email to a target user, p...

5.4CVSS5.2AI score0.00893EPSS
CVE
CVE
added 2017/11/16 7:0 a.m.52 views

CVE-2017-12323

The CVE-2017-12323 set concerns the Cisco Registered Envelope Service web interface. The connected documents confirm there are multiple XSS and redirect vulnerabilities in the service’s web UI due to insufficient validation of user-supplied input. Affected component: Cisco Registered Envelope Ser...

6.1CVSS6.1AI score0.00868EPSS
CVE
CVE
added 2017/11/16 7:0 a.m.48 views

CVE-2017-12321

The CVE-2017-12321 set concerns Cisco Registered Envelope Service, specifically its web interface. The reported flaws are cross-site scripting (XSS) vulnerabilities caused by insufficient validation of user-supplied input in the web-based management interface. An unauthenticated, remote attacker ...

6.1CVSS6.1AI score0.00868EPSS
CVE
CVE
added 2018/08/15 8:0 p.m.46 views

CVE-2018-0367

The CVE-2018-0367 issue affects the Cisco Registered Envelope Service web-based management interface. Affected component: web-based management interface; vulnerability arises from insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scri...

5.4CVSS5.3AI score0.0091EPSS
CVE
CVE
added 2017/11/16 7:0 a.m.44 views

CVE-2017-12320

Cisco Registered Envelope Service (web interface) contains multiple XSS vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could entice a user to click a crafted link or send a request to execute arbitrary script in the user’s browser or access browser-based...

6.1CVSS6.1AI score0.00868EPSS
CVE
CVE
added 2017/04/07 5:0 p.m.44 views

CVE-2017-3889

The CVE-2017-3889 entry describes an Open Redirect in the Cisco Registered Envelope Service web interface (cloud-based). The vulnerability stems from improper input validation in the HTTP request parameters, allowing an unauthenticated, remote attacker to redirect users to a malicious URL. Affect...

6.1CVSS6.2AI score0.00941EPSS
CVE
CVE
added 2018/11/08 7:0 p.m.44 views

CVE-2018-15448

Cisco Registered Envelope Service suffers an information-disclosure vulnerability where an insecure configuration enables improper indexing, allowing unauthenticated, remote attackers to discover sensitive user data (e.g., usernames) via search engines. The root cause is misconfiguring indexing o...

7.5CVSS5.9AI score0.02222EPSS