Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SeagateNas Os

4 matches found

CVE
CVEadded 2019/05/13 1:29 p.m.38 views

CVE-2018-12300

Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.

6.1CVSS6AI score0.13495EPSS
CVE
CVEadded 2019/05/13 1:29 p.m.36 views

CVE-2018-12297

Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names.

6.1CVSS6.2AI score0.0024EPSS
CVE
CVEadded 2019/05/13 1:29 p.m.33 views

CVE-2018-12302

Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.

6.1CVSS6AI score0.0024EPSS
CVE
CVEadded 2019/05/13 1:29 p.m.32 views

CVE-2018-12304

Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publisher Contact, or Website URL.

6.1CVSS6.3AI score0.0024EPSS