24 results (0.001 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0. • https://portal.microfocus.com/s/article/KM000018224?language=en_US https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes https://www.microfocus.com/support/downloads/%2C • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0 • https://portal.microfocus.com/s/article/KM000018224?language=en_US%2C https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes https://www.microfocus.com/support/downloads • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían ser explotadas de forma remota dando lugar a una Divulgación de Información, o ataques de tipo Cross-Site Scripting (XSS) propios. • https://portal.microfocus.com/s/article/KM000010167?language=en_US https://www.microfocus.com/support/downloads • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Potential vulnerabilities have been identified in Micro Focus ArcSight Logger. The vulnerabilities could be remotely exploited resulting in Information Disclosure, or Self Cross-Site Scripting (XSS). This issue affects: Micro Focus ArcSight Logger versions prior to v7.2.2 version and prior versions. Se han identificado posibles vulnerabilidades en Micro Focus ArcSight Logger. Las vulnerabilidades podrían explotarse de forma remota, resultando en una Divulgación de Información o ataques de tipo Cross-Site Scripting (XSS) propios. • https://portal.microfocus.com/s/article/KM000010167?language=en_US https://www.microfocus.com/support/downloads •

CVSS: 9.8EPSS: 13%CPEs: 1EXPL: 1

Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus ArcSight Logger, afectando a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una ejecución de código arbitraria • https://github.com/ch1nghz/CVE-2020-11851 https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-94: Improper Control of Generation of Code ('Code Injection') •