CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2764
https://notcve.org/view.php?id=CVE-2015-2764
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile or (2) DLP report catalog. Múltiples vulnerabilidades de XSS en Websense TRITON AP-DATA anterior a 8.0.0 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados en el catálogo de informes de DSS (1) Mobile o (2) DLP. • http://www.securityfocus.com/bid/73424 http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2762
https://notcve.org/view.php?id=CVE-2015-2762
Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication. Websense TRITON AP-WEB anterior a 8.0.0 permite a atacantes remotos enumerar cuentas de usuarios del dominio de Windows a través de vectores relacionados con la autenticación HTTP. • http://www.securityfocus.com/bid/73412 http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2767
https://notcve.org/view.php?id=CVE-2015-2767
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled." Vulnerabilidad no especificada en Websense TRITON AP-EMAIL anterior a 8.0.0 tiene un impacto y vectores de ataque desconocidos, relacionado con 'autocompletar habilitado.' • http://www.securityfocus.com/bid/73418 http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2768
https://notcve.org/view.php?id=CVE-2015-2768
Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Websense TRITON AP-EMAIL anterior a 8.0.0 y los dispositivos de la serie V 7.7 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados. • http://www.securityfocus.com/bid/73429 http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2766
https://notcve.org/view.php?id=CVE-2015-2766
The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allows attackers to have unspecified impact via a brute force attack. Personal Email Manager (PEM) en Websense TRITON AP-EMAIL anterior a 8.0.0 permite a atacantes remotos tener un impacto no especificado a través de un ataques de fuerza bruta. • http://www.securityfocus.com/bid/73426 http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 • CWE-255: Credentials Management Errors •