Sierra Security Vulnerabilities and Issues — Sierra CVE List

Lucene search

IiiSierra

2 matches found

CVE•added 2014/09/02 2:55 p.m.•32 views

CVE-2014-5137

Innovative Interfaces Sierra Library Services Platform 1.2_3 provides different responses for login request depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of login requests, possibly related to the Webpac Pro submodule.

5CVSS6.9AI score0.0023EPSS

CVE•added 2014/09/02 2:55 p.m.•30 views

CVE-2014-5136

Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3CVSS5.9AI score0.00225EPSS