CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44549 – SMTPS server hostname not checked when making TLS connection to SMTPS server
https://notcve.org/view.php?id=CVE-2021-44549
14 Dec 2021 — Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these additional checks are disabled by default in JavaMail/Jakarta Mail. The SimpleMailService in Apache Sling Commons Messaging Mail 1.0 lacks an option to enable these checks for the shared mail session. A user could enable th... • https://lists.apache.org/thread/l8p9h2bqvkj6rhv4w8kzctb817415b7f • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 0CVE-2020-1949
https://notcve.org/view.php?id=CVE-2020-1949
01 Apr 2020 — Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks. Scripts en Sling CMS versiones anteriores a 0.16.0, no se escapan apropiadamente al Sling Selector a partir de las URL cuando se generan elementos de navegación para las consolas administrativas y son vulnerables a los ataques de tipo XSS reflejados. • https://s.apache.org/CVE-2020-1949 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 3EXPL: 0CVE-2017-15717
https://notcve.org/view.php?id=CVE-2017-15717
10 Jan 2018 — A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0. Un defecto en la manera en la que se escapan y codifican las URL en org.apache.sling.xss.impl.XSSAPIImpl#getV... • https://s.apache.org/CVE-2017-15717 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-3353
https://notcve.org/view.php?id=CVE-2012-3353
08 Jan 2018 — The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader El XmlReader Apache Sling JCR ContentLoader 2.1.4, empleado en el módulo de carga de contenido Sling JCR posibilita la importación de archivos arbitrarios en el repositorio de contenidos, incluyendo archivos locales. Esto p... • https://issues.apache.org/jira/browse/SLING-2512 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15700
https://notcve.org/view.php?id=CVE-2017-15700
18 Dec 2017 — A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials. Una vulnerabilidad en el método org.apache.sling.auth.core.AuthUtil#isRedirectValid en Apache Sling Authentication Service 1.4.0 permite que un atacante engañe a una víctima para que envíe sus credenciales a través del formulario de inicio de sesión de Sling. • https://lists.apache.org/thread.html/182bed1dd6933824a81cc5f07639eeb813fbd8f2cc49d51b452ab621%40%3Cdev.sling.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9802 – Apache Sling Servlets Post 2.3.20 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-9802
14 Aug 2017 — The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings. El método Javascript method Sling.evalString() en Apache Sling Servlets Post en versiones anteriores a la 2.3.22 emplea la función javascript ‘eval’ para parsear cadenas de entrada, lo que permite la ejecución de ataques XSS pasando cadenas de entrada especialmente manipuladas. Apache Sling Se... • http://packetstormsecurity.com/files/143758/Apache-Sling-Servlets-Post-2.3.20-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2016-6798
https://notcve.org/view.php?id=CVE-2016-6798
19 Jul 2017 — In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application. En el módulo de la API de protección XSS anterior a la versión 1.0.12 en Apache Sling, el método... • https://github.com/tafamace/CVE-2016-6798 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2016-5394
https://notcve.org/view.php?id=CVE-2016-5394
19 Jul 2017 — In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities. En el módulo de la API de protección XSS anterior a la versión 1.0.12 en Apache Sling, la codificación hecha por el método de la función XSSAPI.encodeForJSString() no es lo suficientemente restrictiva y, para algunos patrones de entrada, permite q... • https://github.com/epicosy/VUL4J-23 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 17%CPEs: 7EXPL: 2CVE-2016-0956 – Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure
https://notcve.org/view.php?id=CVE-2016-0956
10 Feb 2016 — The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. El componente Servlets Post 2.3.6 en Apache Sling, como se utiliza en Adobe Experience Manager 5.6.1, 6.0.0 y 6.1.0, permite a atacantes remotos obtener información sensible a través de vectores no especificados. Apache Sling Framework version 2.3.6 suffers from an information disclosure vulnerability. • https://packetstorm.news/files/id/135720 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 1CVE-2015-2944
https://notcve.org/view.php?id=CVE-2015-2944
02 Jun 2015 — Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to (1) org/apache/sling/api/servlets/HtmlResponse and (2) org/apache/sling/servlets/post/HtmlResponse. Múltiples vulnerabilidades de XSS en Apache Sling API anterior a 2.2.2 y Apache Sling Servlets Post anterior a 2.1.2 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o H... • http://jvn.jp/en/jp/JVN61328139/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •