Portal Security Vulnerabilities and Issues — Portal CVE List

Lucene search

QprPortal

3 matches found

CVE•added 2015/02/01 2:59 a.m.•44 views

CVE-2014-8266

Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field.

4.3CVSS5.9AI score0.00547EPSS

CVE•added 2015/02/01 2:59 a.m.•38 views

CVE-2014-8267

Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter.

4.3CVSS5.9AI score0.00547EPSS

CVE•added 2015/02/01 2:59 a.m.•31 views

CVE-2014-8268

QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request.

6.4CVSS6.8AI score0.00712EPSS