CVSS: 9.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-6784 – SSRF Server Side Request Forgery
https://notcve.org/view.php?id=CVE-2024-6784
Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-6516 – Cross Site Scripting XSS
https://notcve.org/view.php?id=CVE-2024-6516
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •