2 matches found
CVE-2015-2346
Vulnerability: CVE-2015-2346 is an XXE flaw in Huawei SEQ Analyst prior to V200R002C03LG0001CP0022. An authenticated remote attacker can read arbitrary files via the req parameter. Affected product: Huawei SEQ Analyst. Root cause: XML External Entity processing. Impact: unauthorized file disclosu...
CVE-2015-2347
CVE-2015-2347 affects Huawei SEQ Analyst, prior to version V200R002C03LG0001CP0022. The vulnerability is a Cross-Site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML by manipulating the command XML element in the req parameter to flexdata.action (in paths:...