Page 2 of 13 results (0.001 seconds)

CVSS: 5.4EPSS: 1%CPEs: 1EXPL: 1

CVE-2019-16960

https://notcve.org/view.php?id=CVE-2019-16960

04 Jan 2021 — SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. SolarWinds Web Help Desk versión 12.7.0, permite un ataque de tipo XSS por medio de un archivo de plantilla CSV con un campo Location Name diseñado. • https://support.solarwinds.com/SuccessCenter/s • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 1%CPEs: 1EXPL: 1

CVE-2019-16956

https://notcve.org/view.php?id=CVE-2019-16956

04 Jan 2021 — SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. SolarWinds Web Help Desk versión 12.7.0, permite un ataque de tipo XSS por medio del parámetro Request Type de un ticket. • https://support.solarwinds.com/SuccessCenter/s • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 1%CPEs: 1EXPL: 1

CVE-2019-16958

https://notcve.org/view.php?id=CVE-2019-16958

01 Dec 2020 — Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name. Un vulnerabilidad de tipo Cross-site Scripting (XSS) en SolarWinds Web Help Desk versión 12.7.0, permite al atacante inyectar script web o HTML arbitrario por medio del Location Name • https://www.esecforte.com/cross-site-scripting-vulnerability-with-solarwinds-web-help-desk • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •