NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
Published at: July 07, 2020 at 12:15PM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2020-15032
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.
Published at: July 07, 2020 at 12:15PM
View on website
New vulnerability on the NVD: CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."
Published at: July 07, 2020 at 11:15AM
View on website
New vulnerability on the NVD: CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."
Published at: July 07, 2020 at 11:15AM
View on website
New vulnerability on the NVD: CVE-2020-10730
A NULL pointer dereference, or possible use-after-free flaw was found in the in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.
Published at: July 07, 2020 at 10:15AM
View on website
Educ Arte Económico 