Page 2 of 7 results (0.001 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via the rest/json/configdb/download/ PATH_INFO. Silver Peak EdgeConnect SD-WAN anterior de la versión 8.1.7.x ha reflejado XSS a través del resto / json / configdb / download / PATH_INFO. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. Silver Peak EdgeConnect SD-WAN en versiones anteriores a la 8.1.7.x permite un salto de directorio ..%2f mediante el URI rest/json/configdb/download/. • https://github.com/sdnewhop/sdwannewhope/blob/master/reports/Silverpeak%20EdgeConnect%20Multiple%20Vulnerabilities%20-%20032018.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •