CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11860
https://notcve.org/view.php?id=CVE-2020-11860
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, que afecta a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25834
https://notcve.org/view.php?id=CVE-2020-25834
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, afectando a versión 7.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 https://www.cybereagle.io/blog/cve-2020-25834 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11657
https://notcve.org/view.php?id=CVE-2019-11657
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. Vulnerabilidad de tipo Cross-Site Request Forgery en todo Micro Focus ArcSight Logger afectando a todas las versiones del producto por debajo de la versión 7.0. La vulnerabilidad podría ser explotada para lleva a cabo un ataque de tipo CSRF. • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-0/ta-p/2750305?attachment-id=76910 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11656
https://notcve.org/view.php?id=CVE-2019-11656
Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Una vulnerabilidad de tipo XSS almacenado en Micro Focus ArcSight Logger afecta las versiones anteriores a Logger versión 6.7.1 HotFix versión 6.7.1.8262.0. Esta vulnerabilidad podría permitir la Neutralización Inapropiada de la Entrada Durante la Generación de Páginas Web ("Cross-site Scripting"). • https://community.microfocus.com/t5/ArcSight-Announcements/ArcSight-Logger-Fix-for-Security-Vulnerability/td-p/2699569 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •