Page 5 of 22 results (0.010 seconds)

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1

Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection. El Sistema Operativo Nozomi Networks versiones anteriores a 19.0.4, permite una Inyección CSV de /#/network?tab=network_node_list.html • https://www2.deloitte.com/de/de/pages/risk/articles/nozomi-csv-injection.html?nc=1 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. Nozomi Guardian versiones anteriores a 19.0.4, permite a atacantes lograr un ataque de tipo XSS almacenados (en el front end web) al aprovechar la capacidad de crear un campo personalizado con un nombre de campo diseñado • https://www2.deloitte.com/de/de/pages/risk/articles/nozomi-stored-xss.html?nc=1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •