Lucene search
+L
GreenboneGreenbone Security Assistant

4 matches found

CVE
CVE
added 2021/06/21 2:8 p.m.55 views

CVE-2018-25016

CVE-2018-25016 concerns Greenbone Security Assistant (GSA) and Greenbone OS (GOS). Affected versions are GSA prior to 7.0.3 and GOS prior to 5.0.0, where a host header injection vulnerability exists in the GSA web interface. The underlying issue is the handling of HTTP Host headers, enabling inje...

9.8CVSS9.4AI score0.01276EPSS
CVE
CVE
added 2016/01/26 7:0 p.m.50 views

CVE-2016-1926

The CVE-2016-1926 entry concerns Greenbone Security Assistant (GSA) 6.x up to 6.0.8, where the charts module is vulnerable to cross-site scripting (XSS). The flaw is caused by insufficient input sanitization on the aggregate_type parameter used by the get_aggregate command to omp, enabling a remo...

6.1CVSS6AI score0.01619EPSS
CVE
CVE
added 2021/06/21 2:8 p.m.49 views

CVE-2019-25047

CVE-2019-25047 affects Greenbone Security Assistant (GSA) before 8.0.2 and Greenbone OS (GOS) before 5.0.10. The flaw is an XSS in 404 URL handling in gsad. Exploitation context and impact are stated as cross-site scripting in affected web interfaces; patch versions have been released: GSA 8.0.2 ...

6.1CVSS6AI score0.01114EPSS
CVE
CVE
added 2011/01/28 3:0 p.m.46 views

CVE-2011-0650

CVE-2011-0650 concerns Greenbone Security Assistant (GSA) prior to 2.0+rc3. The issue is a CSRF vulnerability that allows an attacker to hijack the user’s authenticated session to issue OMP requests to OpenVAS Manager (e.g., sending email). This is tied to exploitation of CVE-2011-0018 via the GS...

6.8CVSS7AI score0.01058EPSS