2 matches found
CVE-2019-17503
CVE-2019-17503 affects Kirona Dynamic Resource Scheduler (DRS) 5.5.3.5. An unauthenticated user can directly access /osm/REGISTER.cmd (/osm_tiles/REGISTER.cmd), which contains SQL queries that disclose database information (version, table names, column names, etc.). Multiple sources (NVD, Red Hat...
CVE-2019-17504
Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5 is affected by a reflected XSS vulnerability. The issue allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter, indicating insufficient input validation on the web application. References in the connected doc...